pault Posted October 17, 2010 Share Posted October 17, 2010 A problem has arisen which puzzles me. I have forms which save data to MySql and retrieve it, showing it as the default data in the form. Naturally I escape any quotes before sending it to the database and remove the slashes when I retrieve it. But the form HTML code shows the data like this value="$variable" which is fine when only single quotes are used in the data but causes a problem when the user uses double quotes. So data of John \"Jack\" Smith would be output as value="John "Jack" Smith" with obvious problems. If I use value='...' then that would cause problems with single quotes. I haven't seen the answer in any of my books. The only things I can think of is changing all double quotes to single before saving to DB or converting them with htmlspecialcharacters so they are no longer actual quotes. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 17, 2010 Share Posted October 17, 2010 How about posting the relevant code? That will be easier to diagnose than just a description of the problem. Quote Link to comment Share on other sites More sharing options...
ram4nd Posted October 17, 2010 Share Posted October 17, 2010 Maybe convert the chars http://www.ascii.cl/htmlcodes.htm here you can find the right codes. Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 htmlspecialcharacters is the way I go. I like to echo input fields without concatenation, so I single-quote tag values: $field1_value = htmlspecialchars($field1_value, ENT_QUOTES); echo "<input type='text' name='field1' value='$field_1_value' />"; alternatively, if you're echoing within the HTML: <input type='text' name='field1' value='<?php echo htmlspecialchars($field_1_value, ENT_QUOTES); ?>' /> Quote Link to comment Share on other sites More sharing options...
pault Posted October 17, 2010 Author Share Posted October 17, 2010 Just tried your code, BlueSkyIS, and it works perfectly. Saved me hours of searching and brain-wracking. Great forum. Thanks everyone for such quick advice. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.