See: http://www.php.net/manual/en/function.htmlspecialchars.php
John Hughes wrote: > > I'm stumbling over how to allow people to put single or double quotes > in a form text field. > > I am passing the form to itself ($PHP_SELF) and on the second time > through previewing what the form data will look like and also > re-creating the form with the data already filled in. > > Here's an example of one text field: > > $display_line .="<input type='text' name='signature' > value='$noslash_signature' size='35' maxlength='100'>"; > > (I have stripslashes() the $signature variable to create > $noslash_signature.) > > If someone signs their name O'Brien, the preview shows O'Brien, but > all that shows in the form field is O. However, Joe "Bruiser" Jones > displays correctly in preview and the form. > > If I change the code like this (adding the \" around the variable): > > $display_line .="<input type='text' name='signature' > value=\"$noslash_signature\" size='35' maxlength='100'>"; > > O'Brien will display OK, but Joe "Bruiser" Jones shows just Joe in > the form field. > > One solution is to change the text form to textarea, but I'd prefer > to be able to redisplay at text form field if possible. -- .-----------------. | Robert Cummings | :-----------------`----------------------------. | Webdeployer - Chief PHP and Java Programmer | :----------------------------------------------: | Mail : mailto:[EMAIL PROTECTED] | | Phone : (613) 731-4046 x.109 | :----------------------------------------------: | Website : http://www.webmotion.com | | Fax : (613) 260-9545 | `----------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
