Ok.. I'm working on escaping stuff from my video module... My question now is: numeric database fields (int) needs to get escaped? I think that this is not required becouse is not possible to store any XSS vulnerable value in it... but I can be wrong. Fabio