[SOLVED] Another escape question

[Dimwhit]

I've been reading up on the addslash/stripslash functions, but I'm not sure where they fit into my needs. Here's my problem:

 

One of the fields on my input form to send a product to the database is size. An example piece of data I enter is: 8"x10".

 

It goes fine into the database, and the information displays fine on the product page. However, I have a form set up to edit the products, and when I bring the data from that field (there are actually several fields in question), all that is brought into that form field from the db is: 8

 

The first quote and everything after is ignored. Am I supposed to be using the addslash on the input form so that the field in the db shows: 8\"x10\", then put in the stripslash when I'm calling the data? That doesn't seem right.

 

I haven't been able to find the right tutorial on this, so if someone can point me in the right direction, I would be grateful.

 

thanks

[JJohnsenDK]

would be great if you could post your script cause it sounds like you are doing it right...

[Dimwhit]

I don't know which script to post, because I don't know where the problem is. In the edit form, I've got the following for the input field:

 

<input name="ud_size1" type="text" id="ud_size1" value="<? echo $size1; ?>" size="15">

 

ud_size1 will then have the data input into the size1 field with the edit script I have. But the echo $size1 in the value field is where I'm losing the data. The data in the db is fine. It's this step where I lose the info, and there's not really a script involved. Just bringing it into a form field.

[kenrbnsn]

If you are displaying the value using something like this:

<?php
$val = '8"x10"';
echo '<input name="size" value="' . $val . '">';
?>

The first double quote in your value is ending the value attribute in the <input> tag. You need to use the htmlentities() function when displaying the value:

<?php
$val = '8"x10"';
echo '<input name="size" value="' . htmlentities($val,ENT_QUOTES)p . '">';
?>

 

Ken

 

[Dimwhit]

Thanks Ken. That makes sense, but I'm getting the "unexpected T_CONSTANT_ENCAPSED_STRING" error. Here's what I have exactly:

<?php
echo '<input name="ud_size1" type="text" id="ud_size1" size="15" value="' .htmlentities($size1,ENT_QUOTES)p. '";>';
?>

 

I'm fiddled with it to no extent. Can't figure out the cause.

[Jessica]

You have a p after your function...

[kenrbnsn]

There's a typo in my original response.  Try:

<?php
echo '<input name="ud_size1" type="text" id="ud_size1" size="15" value="' .htmlentities($size1,ENT_QUOTES) . '">';
?>

 

Ken

[Dimwhit]

That did it. Thanks for the help!