> On Thursday 20 February 2003 20:26, Ernest E Vogelsinger wrote:
> > At 13:16 20.02.2003, Tom Rogers said:
> > --------------------[snip]--------------------
> >
> > >Rec> Have simple but annoying issue, I want to display a string
> > >within an
> > >Rec> input field. This string contains ' & so when it's being display
the,
> > >Rec> anything after the ' is being left out. Here is the code I'm
using:
> > >
> > >Rec> $string = str_replace("'", "''", $string);
> > >Rec> $string = stripslashes($string);
> > >Rec> echo "<input type=text name='value' size=20 value =
> > > '$string'>";
> > >
> > >
> > >Pass the string through htmlentities(); before you echo it.
> >
> > --------------------[snip]--------------------
> >
> > htmlentities won't work with single quotes, use addslashes:
Addslashes will have no effect. HTML does not recognize the \ character as
an escape character. That's a PHP concept.
> Actually just (only) htmlentities() will do. See manual for options
regarding
> whether to encode single-quotes and double-quotes.
>
> > "<input type='text' name='value' size='20' value='" .
> > htmlentities(addslashes($string)) . "'>";
But, you're right that this won't work. htmlentities() by itself will leave
single quotes alone. What you want to use is
htmlentities($string,ENT_QUOTES);
which will convert single and double quotes to entities.
---John Holmes...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
