Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

using htmlspecialchars in forms - help

Status
Not open for further replies.
leegold

leegold

Technical User
Mar 19, 2002
39
US
Problem is whenvever I enter Sally's New Car into a form and post to a new page the apostrophie is lost so I get:
Sally s
when I echo it on the page it's posted to. I think I need the PHP function: htmlspecialchars. I've seen the man page but still not sure how to implement - if anyone could provide a snippet I would be grateful. Here's my existing form below...how would I use htmlspecialchars?


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"<html xmlns=" lang="en" xml:lang="en">

<html>
<head>
<title>MYSQL/PHP How-to Insert Form</title>
<link rel="stylesheet"
href=" type="text/css">
</head>
<body>
<h1>How-to Insert Form</h1>
<?php

echo
'<form method="post" action="populate4.php">

<H3>Url Field</H3>
<input type="text" name="url_field" size=80 maxlength=199>

<H3>Title Field</H3>
<input type="text" name="title_field" size=80 maxlength=199>

<H3>Description Field</H3>
<textarea name="descrip_field" rows=15 cols=56
maxlength=1000></textarea>

<H3>Submit keywords with a file <i>or</i> with the text area
below</H3>

<input TYPE="radio" NAME="Type_Submit" VALUE="radio_file">
Use Key Word File
<br>
<input TYPE="radio" NAME="Type_Submit" VALUE="radio_area"
Checked > Use Key Word Text Area

<H3>Keyword file</H3>
<input type="text" name="kw_file" size=40
maxlength=80><h4><i> or </i></h4>

<H3>Keyword text area</H3>
<textarea name="kw_tarea" rows=10 cols=40></textarea>

<H3>Insert into MYSQL</H3>
<input type="submit" value="Insert">

</form>';
?>
</body>
</html>
 
Sort by date Sort by votes
Check the settings for magic_quotes_gpc:
Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When magic_quotes are on, all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash automatically.

You should also have a look at the addslashes() and stripslashes() functions.

htmlspecialchars() is probably not needed.
 
Upvote 0 Downvote
Hi,

Could someone give me a snippet that I can put in the form please?
 
Upvote 0 Downvote
You have not provided sufficient information for anyone to give you a snippet of code. The sample you posted has nowhere any text printed to the page that comes from the POST variables.
I suggest that you first inspect the $_POST array on the receiving page:
Code: 
<?php
echo("<pre>\n");
print_r($_POST);
echo("</pre>");
 
Upvote 0 Downvote
Show us the source from populate4.php
Remove all sensitive information first
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
233
SashaBuilder3
SashaBuilder3
Mandy_crw
  • Locked
  • Question
How to send sms in PHP using usb gsm modem?
Replies
1
Views
218
vishvajit
vishvajit
EdLentz
  • Locked
  • Question
Partial link in email
Replies
1
Views
125
spamjim
spamjim
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
206
PeDa
PeDa
ersatz
  • Locked
  • Question
How to send 2 select from mysql database in email like tables
Replies
5
Views
284
ersatz
ersatz

Part and Inventory Search

Sponsor

Back
Top