Hi gang:

I'm gathering information from a user, storing that data in a db, and then showing it back to the user. It's a simple process and can bee seen here in this address book demo (not real people):


I gather information from the user via a $_POST[]; like this:

   $last_name = trim($_POST['last_name']);

Then I pass it through mysql_real_escape_string() like so --

   $last_name = mysql_real_escape_string($last_name);

-- and then I put that data into my table via an UPDATE.

Then when I pull data from the table, I do this --

   $last_name = htmlentities($row['last_name']);

-- and show that data to the user. That's what I'm supposed to do right?

So, why is it that when I enter the name "O'Brian", the entry comes back "O/'Brian"?

So what's wrong and how do I fix it?



PS: I know that I'm supposed to know this, but that part of my brain is on vacation -- I can't afford for all of me to go on vacation at one time.

http://sperling.com  http://ancientstones.com  http://earthstones.com

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to