Jump to content

Echoing out a string with double quotes in html form

petenaylor

By petenaylor
in PHP Coding Help

 Share

Recommended Posts

petenaylor Regular Member

petenaylor

Posted
Posted

Hi all

 

I have a field in mySQL table called dimensions. It has the double quote in in for inches - "

 

When I echo the result from the mySQL query on the item page (Customer facing) it's fine. However, I have built a form so that the administrator can edit the dimensions in the admin panel and when I echo it out in to the form field it stops when it gets to the double quotes?

 

Pete

 

 

Link to comment
Share on other sites
Anti-Moronic Regular Member

Anti-Moronic

Posted
Posted

using mysql_real_escape_string and stripslashes on the way out.

 

stripslashes is not needed on the way out if your data is properly escaped on the way in. The escape chars are only there to get the data into a valid query.

 

Sorry! Thanks for correction as well. Sorry OP, didn't mean to give out bad advice. Still, mysql_real_escape_string() is always a good idea on data insertion. Get used to using it and problems like this won't even appear.

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

All content (anything that is not intentionally HTML tags/HTML syntax) that you output on a web page needs to be passed through htmlentities with the second parameter set to ENT_QUOTES so that any HTML entities in it, like &, ", ', <, and > don't break the HTML on your page.

 

Also, the value='...' attribute of a form field (all attributes in fact) need quotes around it to make it valid HTML.

 

Link to comment
Share on other sites
petenaylor Regular Member

petenaylor

Posted
  • Author
Posted

I'm a bit lost now!

 

Basically I have a DB entry that has double quotes in. When I am adding it into the DB I am using:

 

$dimensions = (mysql_real_escape_string($_POST['dimensions']));

 

When I am echoing it back into the form for the user to edit I am using:

 

<input name="dimensions" type="text" id="dimensions" size="80" maxlength="80" value="<?php echo stripslashes(mysql_real_escape_string($result['dimensions'])); ?>" class="basket-table-font" />

 

When I am echoing it to the user screen I am using:

 

<?php echo stripslashes($result['dimensions']); ?>

 

However this isn't working as it should. It misses off the contact after the double quotes.

 

Thanks for your help, it's much appreciated!

 

Pete

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.