Jump to content

Handling Apostrophes


guyfromfl

Recommended Posts

I am inserting last names into the database using mysql_real_escape_string(), and outputting the data into a textbox using addslashes().

 

When I try to display O'Brian "O\" is displayed in the text box.

 

The name is saved corretly as O'Brian in the database.

 

I am printing the string like this:

 

echo "<input type='text' value='" . addslashes($customer['lName']) . "' blah blah...";

 

anybody have any ideas?

Link to comment
https://forums.phpfreaks.com/topic/215134-handling-apostrophes/
Share on other sites

addslashes is... adding a slash. my solution is to 1. ALWAYS use single-quotes inside HTML elements. then, 2. I use this function instead of addslashes:

 


function htmlSafe($in_string, $stripslashes = FALSE) {
if ($stripslashes === TRUE) {
	$in_string = stripslashes($in_string);
}
return htmlspecialchars($in_string, ENT_QUOTES);
}

 

note: i send $stripslashes = true when the input is from a form and magick_quotes is turned on.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.