From: "Graeme McLaren" <[EMAIL PROTECTED]>

> Jason, thank you for reply.  I tried switching the 1st 2 parameters in the
> str_replace function so that it now looks like this:
> $AddressLine1 = urlencode($AddressLine1);
> $AddressLine1 = str_replace("+", " ", $AddressLine1);
> Unfortunately as I am now replacing the + symbols with a space " " only
> part up to the first space is displayed back to the user.
> Any ideas?

I think this whole problem can be solved by putting quotes around your HTML

echo "First Line Of Address: <BR> <input type=\"text\" Name=\"AddressLine1\"

Now, the ONLY thing you need to do to $AddressLine1 to make it safe to
insert into this HTML form element is run htmlentities() on it.

$safe_AddressLine1 = htmlentities($AddressLine1);
echo "First Line Of Address: <BR> <input type=\"text\" Name=\"AddressLine1\"

I think the whole bit with + and spaces will go away if you do this.
Remember that you may see "this+that" in the URL, but it's decoded
automatically when it gets to your PHP script back to "this that"...

---John Holmes...

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to