[SOLVED] Display / edit string trap

[patrickm]

On a website, I have written a piece of code which allows editing of product specifications. The data is pulled from a MySQL database and displayed in an form-like page with <input> and <textarea> elements.

 

But I can't seem to find a good workaround for the following problem:

 

echo "<p><b>Omschrijving</b>";
echo "<br><input value=\"$dump_gegevens->omschrijving\" type=\"text\" size=\"60\" name=\"form_omschrijving\">";
echo "</p>";

Displays an input field which is filled already by the proper data (in the above example called "omschrijving").

 

Some of the products have a description in this field with " in it. If I enter the following string (placed between [ ] for clearity) [blah blah blah ("whatever")] if will only parse the input until the first " (obvious).

 

So, if I use \", it won't work either (with <input>). The only way around it is to use &#034; or double '.

 

If I use &#034; I end up with a new problem: the next time the specs of this product gets edited, the <input> field shows the correct html/php output and the &#034; get replaced by " (and saving it will cause this field to be truncated after the first (displayed) ").

 

Question: how can I display the content of a string ($whatever->content) in such a way that the content is listed "as it is" (like < pre > in html) and &#034; would become visible?

[Yesideez]

htmlentities() and html_entity_decode()

 

http://www.php.net/htmlentities

 

http://www.php.net/manual/en/function.html-entity-decode.php

 

When you use $_POST to read the form use something like this:

<?php
  $var=htmlentities($_POST['formvar'],ENT_QUOTES);
?>

 

When you want to add the data back into a form use something like this:

<input type="text" name="formvar" value="<?=html_entity_decode($var,ENT_QUOTES)?>" />

[patrickm]

Thanks a lot!!

 

Works like a charm