Jacobbaby
asked on
Special character escaping issue
Hello,
I want to escape the special characters (eg: ' , " etc) from a string before inserting to the database and to show it in original form while retrieving from the database. I tried with htmlentities, but I couldn't see any change in the data. Do I need to modify anything on the server for working htmlentities?
I want to escape the special characters (eg: ' , " etc) from a string before inserting to the database and to show it in original form while retrieving from the database. I tried with htmlentities, but I couldn't see any change in the data. Do I need to modify anything on the server for working htmlentities?
A technically inaccurate comment was deleted.
To escape special characters:
To re-display them in HTML:
$fname = mysqli_real_escape_string($dbconn, trim($_POST["element"]));
To re-display them in HTML:
stripslashes($yourvariable)
Here is an article that answers this question and much more about using PHP with data base extensions.
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
@ dimmergeek It will work only if he is using mysql.
What about oracle or any other DB.
so first we have to be clear with db
What about oracle or any other DB.
so first we have to be clear with db
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok thank you