phillystyle123
asked on
Strip apostrophe from variable
When I submit a form with containing an apostrophe in one of the form fields - i.e. Women's Health, results from that field are blank. This is what I'm using but it's not working:
<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER " VALUE="" />
and on the action page:
$donation_to .= str_replace("'", "",$DIRECT_GIFT_TO_OTHER). "<br>";
<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER
and on the action page:
$donation_to .= str_replace("'", "",$DIRECT_GIFT_TO_OTHER).
It would take a bit more info to come up with a real solution, but it is usually not necessary to strip anything out. Just use the right encoding for html or sql. What is being done with the output on the action page, just shown as html? (judging from the <br>) That shouldn't even need encoding but you could use htmlspecialchars().
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
How would htmlspecialchars() work?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Still not outputting if there is an apostrophe. So, in the following example, Mens Health will output, but Men's Health will not.
Form field:
<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER " VALUE="" />
Action page code:
//donation to
$donation_to = "";
if($DIRECT_GIFT_TO_OTHER!= "")
{
$donation_to .= htmlspecialchars($DIRECT_G IFT_TO_OTH ER)."<br>" ;
}
Form field:
<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER
Action page code:
//donation to
$donation_to = "";
if($DIRECT_GIFT_TO_OTHER!=
{
$donation_to .= htmlspecialchars($DIRECT_G
}
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Interesting (and thanks for the points). Since I am working with a class that is studying eCommerce right now, can you tell us anything more about this restriction from Authorize.net? Is this documented anywhere that you could find? Thanks and regards, ~Ray
ASKER
I didn't see it anywhere in the documentation. No trace of the issue that I could find. So I reached out to authorize.net tech support.
Thanks for the heads-up! Best, ~Ray
ASKER
Came up with a different solution because I discovered that Authorize.net's ARB API doesn't allow the use of single quotes, apostophes in form fields.