[SOLVED] Apostrophe in value of text input

[hamhanded]

Folks,

 

I've got a text input box for the name of a performing  group.  One such group is named "Beginner's Luck".  I've used the proper mysql_real_escape_string() to get the proper name into the database.  No problem.  I've got it displaying as text any where I want in the web pages after extracting it from the DB.  But it will not display correctly in a text input box.  Instead of "Beginner's Luck" I get "Beginner", or if I've used too many addslashes() or such it will print "Beginner\" or "Beginner\\\".  But never the "s Luck".  I've tried all sorts of combinations of mysql_real_escape_string(), addslashes(), stripslashes() and htmlentities() to attempt to display this value in the text input box, to no avail.  Funny thing is, the value prints out just fine anywhere except in a text input box.  Problem is, I have to be able to edit the entire record, including the group name.

This behavior is identical for other groups with an apostrophe in the name.

 

The text input code has been expanded to look like this:

  $sqlstr = "SELECT * FROM Quartets WHERE QID='" . $qid . "' ORDER BY QtName";
  $res = mysql_query( $sqlstr, $db )
    or die( 'Failed Quartet Query ' . mysql_errno() );
  $qname = mysql_result( $res, 0, "QtName" );
  $q1 = htmlentities( stripslashes( stripslashes( $qname ) ) );
  $q2 = stripslashes( mysql_real_escape_string( $qname ) );
  $q3 = stripslashes( $qname );
  $q4 = htmlentities( stripslashes( $qname ) );
  echo "Q1: " . $q1 . "<br />";
  echo "<input type='Text' name='q1' value='" . $q1 . "' width='40' maxlength='40' class='.textin'>";
  echo "Q2: " . $q2 . "<br />";
  echo "<input type='Text' name='q2' value='" . $q2 . "' width='40' maxlength='40' class='.textin'>";
  echo "Q3: " . $q3 . "<br />";
  echo "<input type='Text' name='q3' value='" . $q3 . "' width='40' maxlength='40' class='.textin'>";
  echo "Q4: " . $q4 . "<br />";
  echo "<input type='Text' name='q4' value='" . $q4 . "' width='40' maxlength='40' class='.textin'>";
  echo "<input type='hidden' name='qid' value='" . $qid . "'>";
  echo "<input type='Text' name='qtet' value='" . htmlentities( stripslashes( $qname ) ) . "' width='20' maxlength='40' class='.textin'>";

 

The output of that code is attached as a .png file.

 

Thanks for any help you can give me.

 

Tom (aka HamHanded The Unmerciful)

 

 

[attachment deleted by admin]

[DarkSuperHero]

this might be due to the fact you are using single quotes in your html file....

try....

 

 

$sqlstr = "SELECT * FROM Quartets WHERE QID='" . $qid . "' ORDER BY QtName";
  $res = mysql_query( $sqlstr, $db )
    or die( 'Failed Quartet Query ' . mysql_errno() );
  $qname = mysql_result( $res, 0, "QtName" );
  $q1 = htmlentities( stripslashes( stripslashes( $qname ) ) );
  $q2 = stripslashes( mysql_real_escape_string( $qname ) );
  $q3 = stripslashes( $qname );
  $q4 = htmlentities( stripslashes( $qname ) );
  echo "Q1: " . $q1 . "<br />";
  echo "<input type='Text' name='q1' value=\"" . $q1 . "\" width='40' maxlength='40' class='.textin'>";
  echo "Q2: " . $q2 . "<br />";
  echo "<input type='Text' name='q2' value=\"" . $q2 . "\" width='40' maxlength='40' class='.textin'>";
  echo "Q3: " . $q3 . "<br />";
  echo "<input type='Text' name='q3' value=\"" . $q3 . "\" width='40' maxlength='40' class='.textin'>";
  echo "Q4: " . $q4 . "<br />";
  echo "<input type='Text' name='q4' value=\"" . $q4 . "\" width='40' maxlength='40' class='.textin'>";
  echo "<input type='hidden' name='qid' value=\"" . $qid . "\">";
  echo "<input type='Text' name='qtet' value=\"" . htmlentities( stripslashes( $qname ) ) . "\" width='20' maxlength='40' class='.textin'>";

[hamhanded]

Thanks, DarkSuperHero.  I'd forgotten that some things can't expand within single quotes, and apparently there is other strange behavior as well.

 

Hamhanded