SitePoint Sponsor

User Tag List

Results 1 to 3 of 3

Thread: "i can't"

  1. Sep 8, 2012 14:12 #1
    dotJoon
    dotJoon is offline
    Get my greedy down dotJoon's Avatar
    Join Date
    Apr 2003
    Location
    daejeon, South Korea
    Posts
    2,121
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    "i can't"

    Code:
    code
$query="SELECT say
FROM test
WHERE
n = 1
" ;
$sql = mysql_query($query);
$row = mysql_fetch_assoc($sql);
$say= $row['say'];

echo $say;

result

He said "I can't".
    The code above produces the result above.

    Following is some trials for putting the variable "$say" above into a form input tag, but all trials are failed.
    Code:
    trial code1

$inputSay='<input value="'.$say.'">';
echo $inputSay;

trial result1

he said
    Code:
    trial code2

$inputSay="<input value='".$say."'>";
echo $inputSay;

trial result2

he said "I can
    Code:
    trial code3

$say=mysql_real_escape_string($say);
$inputSay="<input value='".$say."'>";
echo $inputSay;

trial result3

he said "\"I can\
    How can I get the following target result exactly in an input tag.
    Code:
    target result

he said "I can't".
    Reply With Quote Reply With Quote
  2. Sep 8, 2012 14:44 #2
    kduv
    kduv is offline
    SitePoint Addict kduv's Avatar
    Join Date
    May 2012
    Location
    Maui, HI
    Posts
    211
    Mentioned
    5 Post(s)
    Tagged
    0 Thread(s)
    Use addslashes() instead
    PHP Code:
    $inputSay '<input value="' htmlspecialchars($say) . '">';
    echo     $inputSay
    Keith
    Freelance web developer
    http://www.duvalltech.com/
    Reply With Quote Reply With Quote
  3. Sep 8, 2012 14:51 #3
    tpunt
    tpunt is offline
    SitePoint Enthusiast
    Join Date
    Feb 2012
    Location
    United Kingdom
    Posts
    56
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by dotJoon View Post
    Code:
    trial code1

$inputSay='<input value="'.$say.'">';
echo $inputSay;

trial result1

he said
    This outputs nothing because the above is equivilent to:
    Code:
    <input value=""I can't"">
    The first double quote closes the value attribute.


    Quote Originally Posted by dotJoon View Post
    Code:
    trial code2

$inputSay="<input value='".$say."'>";
echo $inputSay;

trial result2

he said "I can
    The above parses to the following:
    Code:
    <input value='"I can't"' />
    The single quote closes the value attribute, hence why you've only receieved the value of "I can

    Quote Originally Posted by dotJoon View Post
    Code:
    trial code3

$say=mysql_real_escape_string($say);
$inputSay="<input value='".$say."'>";
echo $inputSay;

trial result3

he said "\"I can\
    mysql_real_escape_string() should only be used for input into your database, not for output. HTML cannot escape special entities by preceding them with a backslash, which is why your message stops at the first single quote found (closing the value attribute).

    Quote Originally Posted by dotJoon View Post
    How can I get the following target result exactly in an input tag.
    Code:
    target result

he said "I can't".
    So what's the solution? Using the function htmlentities() or htmlspecialchars() to translate HTML equivilents into those entites to ensure they don't conflict with the pre-existing HTML code.

    PHP Code:
    $say htmlentities('"I can\'t"');
    $inputSay '<input value="'.$say.'" />';
    echo     $inputSay
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules