inferium Posted April 16, 2009 Share Posted April 16, 2009 Heya everyone, I'm having a slight problem. I have a form that I want to disable apostrophes in when users input in a text box. Can anybody help me please? Thanks a bunch!! Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted April 16, 2009 Share Posted April 16, 2009 You could strip the apostrophes when they submit, error if they submit them, or use javascript to disallow submission if they have an apostrophe (you would still need a server-side check though). If you're just trying to secure a sql query or something similar to that though, just escaping it is the best way. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 16, 2009 Share Posted April 16, 2009 Why do you want to do this? If the reason is that they are causing problems when storing in a MySQL database, then you have to use mysql_real_escape_string on the values when storing them. Ken Quote Link to comment Share on other sites More sharing options...
inferium Posted April 16, 2009 Author Share Posted April 16, 2009 Ah thanks guys The reason is that it mysql errors when I try to submit the app. I'm using a csv database that this form feeds into. Do you think escaping it would be the best method? I've seen a few javascripts that disable commas and apostrophes, but apparently it's not cross-browser compatible all the time. Quote Link to comment Share on other sites More sharing options...
dietkinnie Posted April 16, 2009 Share Posted April 16, 2009 Not sure if this is what you men but cant you use something like this ? $text = 'The food's good' $remove = preg_replace("/'/",'',$text); $remove would display : 'The foods good' Quote Link to comment Share on other sites More sharing options...
inferium Posted April 16, 2009 Author Share Posted April 16, 2009 does that work for input fields in a form as well? or just pre-determined text? Quote Link to comment Share on other sites More sharing options...
dietkinnie Posted April 16, 2009 Share Posted April 16, 2009 does that work for input fields in a form as well? or just pre-determined text? I think it should. input.php <html> <body> <form action="myform.php" method="post"> <p>Your Name: <input type="text" name="yourname" /><br /> </form> </body> </html> myform.php <html> <body> <?php $fname = $_POST['yourname']; $remove = preg_replace('/"/','',$fname); echo $remove; ?> </body> </html> If you run input.php and enter the text 'John"Brown" for example, the output would be 'John Brown'. Quote Link to comment Share on other sites More sharing options...
inferium Posted April 16, 2009 Author Share Posted April 16, 2009 ah sweet, thanks! Quote Link to comment Share on other sites More sharing options...
premiso Posted April 16, 2009 Share Posted April 16, 2009 Alternatively, you could code properly for mysql and allow the use of apostrohes. See mysql_real_escape_string as it will properly escape the right items to prevent mysql from causing a fuss over stuff. <?php if (isset($_POST['submit'])) { // given that your submit button is named submit $field = isset($_POST['field'])?mysql_real_escape_string($_POST['field']):null; // mysql items } ?> Just now that this is for textual data, if a numeric data you should verify it is numeric etc. But that would escape your field properly and allow you to store apostrophes without worry of an error. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.