I had posted this question in the CodeIgniter forums with no success, so I thought there might be someone here who knows the answer.
I have a registration form, an edit registration form, and a display of the info from the form. Entering a last name such as “O’Brian” would result in O'Brian being inserted into the database, and showing up in the input field of the edit form. It did however display correctly.
My meta tag in the head was set to utf-8, and my text editor also was set to utf-8. But for some reason my database COLLATION was set to latin1_swedish_ci by mistake (I have no idea how that happened 
). I fixed that - changed my database, all the tables and all the relevant fields to utf8_general_ci.
Now the symbols are entered into the database correctly, but the HTML code (') is still appearing when the edit form is pre-populated.
One suggestion was “stop using global_xss_filtering, xss_clean() (you probably have that as a form validation rule)”. This is my only validation rule for that input:
$this->form_validation->set_rules('last_name', '<span>"Last Name"</span>', 'required');
And I have $config[‘global_xss_filtering’] = FALSE; in my config.php file.
Another suggestion was that I was doing some HTML escaping in my code - I am not.
Here is my form input:
<div class="form-control">
<?php echo form_label('Last Name: ', 'last_name'); ?><br />
<?php
$attributes = array(
'id' => 'last_name',
'name' => 'last_name',
'value' => set_value('last_name', $client->last_name)
);
echo form_input($attributes);
?>
</div> <!-- end of .form-control -->
My $data array element from the controller:
'client' =>$this->registration_model->get_single_client($_SESSION['client_id']),
and the database query from the model:
public function get_single_client($client_id) {
$this->db->where('id', $client_id);
$query = $this->db->get('clients');
return $query->row();
}
Is there anything else I should be looking at? I really don’t want the user to have to keep seeing the HTML code.