Use Of Double Quotes In A 'input Type="text"' Value Wont Work, String Stops At Double-quote !
Solution 1:
You have to use htmlspecialchars($str, ENT_QUOTES)
or htmlentities($str, ENT_QUOTES)
to convert the quotes to the HTML entity "
. Those function also take care of other characters that should be encoded.
mysql_real_escape_string()
is only meant for escaping single quotes in database queries, so that you can correctly enter strings with single quotes into your database (and avoid SQL injections).
EDIT: Added parameters. Thanks to micahwittman
Solution 2:
The reason it isn't working when you're outputting it into the input
is because the value
is being truncated at the quote. You'll need to use htmlspecialchars() on the output.
Solution 3:
You're mixing up two things: mysql_real_escape_string
is used to prepare strings for storing in a mysql database. htmlentities
is used to prepare strings for echoing in the browser. Both are important to do, but calling one after the other on the same string can't be expected to work. Do something like the following:
// Copy string after escaping for mysql into $db_headline$db_headline= mysql_real_escape_string($_POST['headline']);
// Copy string after escaping for page display into $html_headline$html_headline = htmlentities($_POST['headline']);
// Store the headline in the database
...
?>
<input type="text" name="headline" value="<?php echo $html_headline ?>" />
...
Solution 4:
Its not the job of the JS to modify the input string, server should make sure it can accept what its getting regardless.
You could escape out the double quotes with another value either Assci symbol or HTML "
etc. before you pass it into your mysql escape function?
Post a Comment for "Use Of Double Quotes In A 'input Type="text"' Value Wont Work, String Stops At Double-quote !"