it will still cut off with the double quots.  if you have a double quote
inside of a double quoted value property
<?
$myvalue = "And he asked, \"what have you done, son\"?  ";
?>
<input type="text" name="something" value="<?=addslashes($myvalue)?>">

This will still break.  it does care if they are escaped.

Jim Lucas
----- Original Message -----
From: "David Fudge" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, February 13, 2002 10:12 AM
Subject: Re: [PHP-DB] Passing form values with quotes, to itself


> before you submit to the db, you have to escape the quotes like this:
>
> $Body = addslashes($Body);
> all " " will show up as \" \"
> and ' ' will be \' \'
>
> when you pull the info from the db, you'll have to use "stripslashes()" to
> remove those you put in.
> $Body = stripslashes($Body_from_db);
>
> ----- Original Message -----
> From: "Faye Keesic" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, February 13, 2002 1:02 PM
> Subject: [PHP-DB] Passing form values with quotes, to itself
>
>
> > Hi there.
> >
> > I have a form that contains several fields w/ text info (which may or
may
> > not contain single and double quotes).
> >
> > When the user clicks Preview, the form's action is set to call itself
> > ($PHP_SELF), and the info is displayed nicely so they can read it over,
> and
> > verify it before saving to the db.
> >
> > What I'm having problems with is that when the data has quotes, the text
> > data cuts off.
> >
> > If I use: <input type="text" name="Body" value=" <?php echo $Body; ?>">
> > then double quotes are cut off.
> >
> > If I use: <input type="text" name="Body" value=' <?php echo $Body; ?>'>
> > then single quotes are cut off.
> >
> > I want nothing cut off!  I've tried addslashes()..still cuts off.
> >
> > I hope that all made sense...
> > --
> > Faye
> >
> >
> > --
> > PHP Database Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to