SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Guru afridy's Avatar
    Join Date
    Mar 2007
    Posts
    966
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    very strange double quote problem in forms

    Hai folks,

    i have a form field name 'title'. now user enters the following in to this field :
    17" LCD monitor
    when the form is posted, i get :

    Code:
    $title=$_POST['title']
    result :
    17\" Black LCD

    now this value again need to be inserted in to another form

    Code:
    <input name="title" type="hidden" id="title" value="<?php echo $title; ?>" />
    now what i receive when posted this form is : 17

    i just want the 17\" Black LCD

  2. #2
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Hello!

    If you actually write out what you're echoing, I think that you'll see the issue:

    HTML Code:
    <input name="title" type="hidden" id="title" value="17\" Black LCD" />
    Can you see how the quote makes the value seem like it's 17\? One thing that you could do is use htmlentities to change the first post (with &quot instead of " you won't run into the problem!), and then use html_entity_decode to undo the operation. If you check out the first example here:

    http://php.net/manual/en/function.ht...ity-decode.php

    it will give you a good idea how to do this.

    Hope this helps...

    -Eric

  3. #3
    SitePoint Guru afridy's Avatar
    Join Date
    Mar 2007
    Posts
    966
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by kreut View Post
    Hello!

    If you actually write out what you're echoing, I think that you'll see the issue:

    HTML Code:
    <input name="title" type="hidden" id="title" value="17\" Black LCD" />
    Can you see how the quote makes the value seem like it's 17\? One thing that you could do is use htmlentities to change the first post (with " instead of " you won't run into the problem!), and then use html_entity_decode to undo the operation. If you check out the first example here:

    http://php.net/manual/en/function.ht...ity-decode.php

    it will give you a good idea how to do this.

    Hope this helps...

    -Eric
    Thanks kreut for the reply,
    ill read about htmlentities. seem this will help!

  4. #4
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    You're welcome! And if it doesn't make sense, feel free to post again. Also, not to add another bag of worms, but it seems that you have magic quotes turned on php.net/manual/en/security.magicquotes.php (this is the reason for the added slash). You might want to read up on this feature that will soon be deprecated in PHP and consider turning magic quotes off in your ini file or perhaps use a more updated version of PHP.

  5. #5
    SitePoint Guru afridy's Avatar
    Join Date
    Mar 2007
    Posts
    966
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by kreut View Post
    You're welcome! And if it doesn't make sense, feel free to post again. Also, not to add another bag of worms, but it seems that you have magic quotes turned on php.net/manual/en/security.magicquotes.php (this is the reason for the added slash). You might want to read up on this feature that will soon be deprecated in PHP and consider turning magic quotes off in your ini file or perhaps use a more updated version of PHP.
    Hai mate,

    turning off the magic quotes really helped to get rid of that \ charactor.

    but i could not get away with the second form submission

    Code:
    <input name="title" type="hidden" id="title" value="<?php echo $title; ?>" />
    i tried your html_entity_decode suggession. result is same : 17

    Code:
    <input name="title" type="hidden" id="title" value="<?php echo html_entity_decode($title); ?>" />

  6. #6
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,508
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    You do not want to decode, but to encode: http://php.net/htmlentities

  7. #7
    SitePoint Guru afridy's Avatar
    Join Date
    Mar 2007
    Posts
    966
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    You do not want to decode, but to encode: http://php.net/htmlentities
    works charm!!!!

    Code:
    t name="title" type="hidden" id="title" value="<?php echo htmlentities($title); ?>" />
    Thanks guido and kreut for the kind help!!

  8. #8
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    My apologies: I should have been clearer. In the decode example on the webpage that I sent you to, the first step was to use htmlentities. In retrospect, I should have just sent you to the htmlentities page as guido did. However, it looks like guido cleared it up for you.

    Anyway, at least I helped with the magic quotes.

    Cheers!

  9. #9
    SitePoint Guru afridy's Avatar
    Join Date
    Mar 2007
    Posts
    966
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by kreut View Post
    My apologies: I should have been clearer. In the decode example on the webpage that I sent you to, the first step was to use htmlentities. In retrospect, I should have just sent you to the htmlentities page as guido did. However, it looks like guido cleared it up for you.

    Anyway, at least I helped with the magic quotes.

    Cheers!
    np mate. i never know about this magic quotes before you mention. was a great help.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •