Hi - I actually got this to work for me - if you remember, I wasn't having problems writing values w/ double or single quotes to the database - it was passing the form values from page to page, inside text boxes, etc.
Advertising
What I had to do was use: <input type="text" name="Summary" value="<? echo htmlspecialchars(stripslashes($Body)) ?>"> Then if a user editted a field, clicked a button to preview it, editted it again, previewed it again, etc. 10 times before they saved it to the db, they wouldn't get slashes before single and double quotes. What we do for end-users.... -- Faye Keesic Computer Programmer Analyst/Web Page Design > From: "Peter Lovatt" <[EMAIL PROTECTED]> > Date: Thu, 14 Feb 2002 21:50:25 -0000 > To: "Jim Lucas [php]" <[EMAIL PROTECTED]>, "William Fong" > <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> > Subject: RE: [PHP-DB] Passing form values with quotes, to itself > > Hi > > I spent ages trying to get it to work. Echoing the " always closes the text > area in an input box, so any data after the quotes isn't displayed. Its > fundamental to the HTML, so adding slashes is irrelevant. > > What I did in the end was to swap double quotes " for two single quotes '' > using ereg_replace. It looks a little odd sometimes, but it works. You swap > it back again when you insert or update the data and addslashes to make sure > it inserts safely. > > Not sure if there are more elegant answers > > email me offlist if you would like the code > > HTH > > Peter > > ----------------------------------------------- > Excellence in internet and open source software > ----------------------------------------------- > Sunmaia > www.sunmaia.net > [EMAIL PROTECTED] > tel. 0121-242-1473 > ----------------------------------------------- > >> -----Original Message----- >> From: Jim Lucas [php] [mailto:[EMAIL PROTECTED]] >> Sent: 14 February 2002 18:34 >> To: William Fong; [EMAIL PROTECTED] >> Subject: Re: [PHP-DB] Passing form values with quotes, to itself >> >> >> it is called magic quotes and it can be enabled through the php.ini file. >> >> Jim Lucas >> ----- Original Message ----- >> From: "William Fong" <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]> >> Sent: Wednesday, February 13, 2002 10:36 AM >> Subject: Re: [PHP-DB] Passing form values with quotes, to itself >> >> >>> Doesn't PHP have something that will automatically do this? I can't >>> remember, but I think you had to enable it in php.ini or when >> you compile. >>> >>> (just like to know for future reference). >>> >>> thx. >>> >>> -w >>> >>> -- >>> William Fong - [EMAIL PROTECTED] >>> Phone: 626.968.6424 x210 | Fax: 626.968.6877 >>> Wireless #: 805.490.7732 | Wireless E-mail: >> [EMAIL PROTECTED] >>> >>> >>> >>> >>> ----- Original Message ----- >>> From: "David Fudge" <[EMAIL PROTECTED]> >>> To: <[EMAIL PROTECTED]> >>> Sent: Wednesday, February 13, 2002 10:12 AM >>> Subject: Re: [PHP-DB] Passing form values with quotes, to itself >>> >>> >>> : before you submit to the db, you have to escape the quotes like this: >>> : >>> : $Body = addslashes($Body); >>> : all " " will show up as \" \" >>> : and ' ' will be \' \' >>> : >>> : when you pull the info from the db, you'll have to use >> "stripslashes()" >> to >>> : remove those you put in. >>> : $Body = stripslashes($Body_from_db); >>> : >>> : ----- Original Message ----- >>> : From: "Faye Keesic" <[EMAIL PROTECTED]> >>> : To: <[EMAIL PROTECTED]> >>> : Sent: Wednesday, February 13, 2002 1:02 PM >>> : Subject: [PHP-DB] Passing form values with quotes, to itself >>> : >>> : >>> : > Hi there. >>> : > >>> : > I have a form that contains several fields w/ text info >> (which may or >>> may >>> : > not contain single and double quotes). >>> : > >>> : > When the user clicks Preview, the form's action is set to >> call itself >>> : > ($PHP_SELF), and the info is displayed nicely so they can read it >> over, >>> : and >>> : > verify it before saving to the db. >>> : > >>> : > What I'm having problems with is that when the data has quotes, the >> text >>> : > data cuts off. >>> : > >>> : > If I use: <input type="text" name="Body" value=" <?php echo $Body; >> ?>"> >>> : > then double quotes are cut off. >>> : > >>> : > If I use: <input type="text" name="Body" value=' <?php echo $Body; >> ?>'> >>> : > then single quotes are cut off. >>> : > >>> : > I want nothing cut off! I've tried addslashes()..still cuts off. >>> : > >>> : > I hope that all made sense... >>> : > -- >>> : > Faye >>> : > >>> : > >>> : > -- >>> : > PHP Database Mailing List (http://www.php.net/) >>> : > To unsubscribe, visit: http://www.php.net/unsub.php >>> : > >>> : >>> : >>> : -- >>> : PHP Database Mailing List (http://www.php.net/) >>> : To unsubscribe, visit: http://www.php.net/unsub.php >>> : >>> >>> >>> >>> -- >>> PHP Database Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> >>> >> >> >> -- >> PHP Database Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
