<div>
A technically inaccurate comment was deleted.
</div>


A technically inaccurate comment was deleted.

<div>
To escape special characters:<br />
<br />

<pre><code id="code-20-39532873-1">$fname = mysqli_real_escape_string($dbconn, trim($_POST[&quot;element&quot;]));</code></pre>
<br />
To re-display them in HTML:<br />
<br />

<pre><code id="code-20-39532873-2">stripslashes($yourvariable)</code></pre>
</div>


To escape special characters:



$fname = mysqli_real_escape_string($dbconn, trim($_POST["element"]));


To re-display them in HTML:



stripslashes($yourvariable)

<div>
Here is an article that answers this question and much more about using PHP with data base extensions.<br />
<a href="https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html" rel="ugc">https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html</a>
</div>


Here is an article that answers this question and much more about using PHP with data base extensions.
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html [https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/PHP_Databases/A_11177-PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html]

<div>
@ dimmergeek It will work only if he is using mysql.<br />
What about oracle or any other DB.<br />
<br />
so first we have to be clear with db
</div>


@ dimmergeek It will work only if he is using mysql.
What about oracle or any other DB.

so first we have to be clear with db

<div>
<div class="content wysiwyg-content">
Hello,<br />
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; I want to escape the special characters (eg: ' , &quot;&nbsp;etc) from a string before inserting to the database and to show it in original form while retrieving &nbsp;from the database. I tried with htmlentities, but I couldn't see any change in the data. Do I need to modify anything on the server for working htmlentities?
</div>
</div>


Hello,
          I want to escape the special characters (eg: ' , " etc) from a string before inserting to the database and to show it in original form while retrieving  from the database. I tried with htmlentities, but I couldn't see any change in the data. Do I need to modify anything on the server for working htmlentities?

Special character escaping issue

PHP is a widely-used server-side scripting language especially suited for web development, powering tens of millions of sites from Facebook to personal WordPress blogs. PHP is often paired with the MySQL relational database, but includes support for most other mainstream databases. By utilizing different Server APIs, PHP can work on many different web servers as a server-side scripting language.

HTML (HyperText Markup Language) is the main markup language for creating web pages and other information to be displayed in a web browser, providing both the structure and content for what is sent from a web server through the use of tags. The current implementation of the HTML specification is HTML5.