Hartley Posted November 24, 2006 Share Posted November 24, 2006 I'm having some problems, particularly with a form verification page I wrote. I can zoom right into the problem area:[code]<input type=hidden name="rname" value="<?php echo addslashes($rname); ?>"><input type=hidden name="age" value="<?php echo addslashes($age); ?>"><input type=hidden name="email" value="<?php echo addslashes($email); ?>">[/code]Even with the addslashes, if anyone uses double quotes, it will still register that as the end of the value segment, and when the form is inserted into the database, it only goes up to that first quote. Is there something I'm doing wrong?Thanks in advance. Link to comment Share on other sites More sharing options...
btherl Posted November 24, 2006 Share Posted November 24, 2006 addslashes() isn't designed for HTML escaping. Try htmlspecialchars() insteadhttp://sg.php.net/manual/en/function.htmlspecialchars.php Link to comment Share on other sites More sharing options...
Hartley Posted November 24, 2006 Author Share Posted November 24, 2006 Perfect! Thank you for the help! Link to comment Share on other sites More sharing options...
Recommended Posts