Solved

Strip apostrophe from variable

Posted on 2013-01-25
12
231 Views
Last Modified: 2013-02-03
When I submit a form with containing an apostrophe in one of the form fields - i.e. Women's Health, results from that field are blank. This is what I'm using but it's not working:

<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER" VALUE="" />

and on the action page:

$donation_to .= str_replace("'", "",$DIRECT_GIFT_TO_OTHER)."<br>";
0
Comment
Question by:phillystyle123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +1
12 Comments
 
LVL 35

Expert Comment

by:Robert Schutt
ID: 38820560
It would take a bit more info to come up with a real solution, but it is usually not necessary to strip anything out. Just use the right encoding for html or sql. What is being done with the output on the action page, just shown as html? (judging from the <br>) That shouldn't even need encoding but you could use htmlspecialchars().
0
 
LVL 9

Assisted Solution

by:David Carr
David Carr earned 100 total points
ID: 38820564
Be sure you do not have magic quotes turned on.
0
 

Author Comment

by:phillystyle123
ID: 38820574
How would htmlspecialchars() work?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 35

Assisted Solution

by:Robert Schutt
Robert Schutt earned 150 total points
ID: 38820597
Well like I said it depends what you want to do but in your context I guess:
$donation_to .= htmlspecialchars($DIRECT_GIFT_TO_OTHER)."<br>";

Open in new window

0
 

Author Comment

by:phillystyle123
ID: 38821319
Still not outputting if there is an apostrophe. So, in the following example, Mens Health will output, but Men's Health will not.

Form field:

<INPUT TYPE="text" NAME="DIRECT_GIFT_TO_OTHER" VALUE="" />

Action page code:

//donation to
      
      $donation_to = "";
      
            if($DIRECT_GIFT_TO_OTHER!="")
      {
            $donation_to .= htmlspecialchars($DIRECT_GIFT_TO_OTHER)."<br>";
      }
0
 
LVL 35

Assisted Solution

by:Robert Schutt
Robert Schutt earned 150 total points
ID: 38821929
Please define 'output'. In your code nothing is being output. Is it being echoed to the page? The context probably matters.
0
 
LVL 110

Assisted Solution

by:Ray Paseur
Ray Paseur earned 200 total points
ID: 38822281
@phillystyle123, couple of suggestions:

1. add error_reporting(E_ALL) to the top of your scripts.
2. learn about mysql_real_escape_string().
3. use htmlentities() or similar for browser output, not for internal use.
4. have a look at this article (may or may not be in play here, but you'll know that as soon as you read the article)
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_6630-Magic-Quotes-a-bad-idea-from-day-one.html

Instead of describing the symptoms, if you can post the link to the SSCCE, we will be able to answer you immediately with complete accuracy.  

Thanks and regards, ~Ray
0
 

Accepted Solution

by:
phillystyle123 earned 0 total points
ID: 38833527
I have no problem awarding points for this, but the question (and this is my fault) left out one very important factor that I didn't think had anything to do with it. It's turned out that Authorize.net's ARB API doesn't allow for any characters. I ended up using a javascript in the form fields that eliminates single quotes/apostrophes on keyup:

<INPUT  onkeyup="if (/'/.test(this.value)){this.value=this.value.replace(/'/g,'')}" onblur="this.onkeyup()" TYPE="text" NAME="DIRECT_GIFT_TO_OTHER" VALUE="" />
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 38833639
Interesting (and thanks for the points).  Since I am working with a class that is studying eCommerce right now, can you tell us anything more about this restriction from Authorize.net?  Is this documented anywhere that you could find?  Thanks and regards, ~Ray
0
 

Author Comment

by:phillystyle123
ID: 38834092
I didn't see it anywhere in the documentation. No trace of the issue that I could find. So I reached out to authorize.net tech support.
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 38834797
Thanks for the heads-up!  Best, ~Ray
0
 

Author Closing Comment

by:phillystyle123
ID: 38848328
Came up with a different solution because I discovered that Authorize.net's ARB API doesn't allow the use of single quotes, apostophes in form fields.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Showing multiple maps using PHP and Google Maps 12 40
PHP mail() function not working... 8 33
Google Dork query 7 64
Delete image(s) associated with record(s) 16 26
Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question