Strip apostrophe from variable

When I submit a form with containing an apostrophe in one of the form fields - i.e. Women's Health, results from that field are blank. This is what I'm using but it's not working:

<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER" VALUE="" />

and on the action page:

$donation_to .= str_replace("'", "",$DIRECT_GIFT_TO_OTHER)."<br>";
phillystyle123Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Robert SchuttSoftware EngineerCommented:
It would take a bit more info to come up with a real solution, but it is usually not necessary to strip anything out. Just use the right encoding for html or sql. What is being done with the output on the action page, just shown as html? (judging from the <br>) That shouldn't even need encoding but you could use htmlspecialchars().
David CarrCommented:
Be sure you do not have magic quotes turned on.
phillystyle123Author Commented:
How would htmlspecialchars() work?
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

Robert SchuttSoftware EngineerCommented:
Well like I said it depends what you want to do but in your context I guess:
$donation_to .= htmlspecialchars($DIRECT_GIFT_TO_OTHER)."<br>";

Open in new window

phillystyle123Author Commented:
Still not outputting if there is an apostrophe. So, in the following example, Mens Health will output, but Men's Health will not.

Form field:

<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER" VALUE="" />

Action page code:

//donation to
      
      $donation_to = "";
      
            if($DIRECT_GIFT_TO_OTHER!="")
      {
            $donation_to .= htmlspecialchars($DIRECT_GIFT_TO_OTHER)."<br>";
      }
Robert SchuttSoftware EngineerCommented:
Please define 'output'. In your code nothing is being output. Is it being echoed to the page? The context probably matters.
Ray PaseurCommented:
@phillystyle123, couple of suggestions:

1. add error_reporting(E_ALL) to the top of your scripts.
2. learn about mysql_real_escape_string().
3. use htmlentities() or similar for browser output, not for internal use.
4. have a look at this article (may or may not be in play here, but you'll know that as soon as you read the article)
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_6630-Magic-Quotes-a-bad-idea-from-day-one.html

Instead of describing the symptoms, if you can post the link to the SSCCE, we will be able to answer you immediately with complete accuracy.  

Thanks and regards, ~Ray
phillystyle123Author Commented:
I have no problem awarding points for this, but the question (and this is my fault) left out one very important factor that I didn't think had anything to do with it. It's turned out that Authorize.net's ARB API doesn't allow for any characters. I ended up using a javascript in the form fields that eliminates single quotes/apostrophes on keyup:

<INPUT  onkeyup="if (/'/.test(this.value)){this.value=this.value.replace(/'/g,'')}" onblur="this.onkeyup()" TYPE="text" NAME="DIRECT_GIFT_TO_OTHER" VALUE="" />

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ray PaseurCommented:
Interesting (and thanks for the points).  Since I am working with a class that is studying eCommerce right now, can you tell us anything more about this restriction from Authorize.net?  Is this documented anywhere that you could find?  Thanks and regards, ~Ray
phillystyle123Author Commented:
I didn't see it anywhere in the documentation. No trace of the issue that I could find. So I reached out to authorize.net tech support.
Ray PaseurCommented:
Thanks for the heads-up!  Best, ~Ray
phillystyle123Author Commented:
Came up with a different solution because I discovered that Authorize.net's ARB API doesn't allow the use of single quotes, apostophes in form fields.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.