On Monday 07 January 2002 01:59, Richard S. Crawford wrote:
> I've used a combination of addslashes() and stripslashes() along with
> htmlspecialchars() to perform just that sort of thing, though I used MySQL
> instead of PostreSQL.
I've got it sorted so that when the user enters the HTML data in the form, it
is retrieved and stripslashes() is used so that I can just use print() to
The only problem comes when I want to send this data back again (so that the
user can edit it after they view it). Everything's fine unless the user has a
quote (") in the text because it messes up the HTML tag.
For example, consider the string $body = "I am saying \"Hello\"";
<input type="hidden" name="body" value="<?=$body>">
is interpreted by the browser as
<input type="hidden" name="body" value="I am saying "Hello"">
And so we have a problem.
What can I do about that?
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]