Handling quotes with php forms

Posted on 2007-10-05
Medium Priority
Last Modified: 2013-12-13
Hi Experts,
I'm working on a php form and having some trouble with handing quotes.

I realize it's probably not the best way to code it, but I've been wrapping the table elements of my form in print statements. This means that if I code:

print '<tr BGCOLOR="white"><td><INPUT TYPE="text" NAME="capFirst" SIZE=40></td>';
and the user enters: My name is "bob", the output will be "My name is" because the quotes are read as being an element of the code and essentially ignored.

I use addSlashes() when I'm handling the data to put it into my databases, etc but I'd like users to be able to enter both single and double quotes in their entry and have the program allow both (at least in the front end).

How do I do this? Any help is appreciated.
Question by:dm06tw
  • 2
  • 2
LVL 20

Expert Comment

ID: 20023290

htmlentities($yourdata,ENT_QUOTES) instead of addslashes

Author Comment

ID: 20023331
I'm not actually "addslashing" it until I handle it... The form has 3 steps, they fill in the first step and on the second step it sets the default values in the text boxes to what they typed from the first. I addSlash it before inserting it into my database.

maybe that's a bad way of doing it?
LVL 20

Accepted Solution

steelseth12 earned 2000 total points
ID: 20023410
You should use addslashes or mysql_real_escape_string before entering data in the database.

When you echo  the values you  got from the first set use htmlentities

for example ....

print '<input type="text" name="somefield" value="'.htmlentities($_POST["data_from_1s_setpt"],ENT_QUOTES) .'">';

Author Comment

ID: 20023865
Works great!

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
This article discusses how to implement server side field validation and display customized error messages to the client.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses
Course of the Month16 days, 21 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question