Hello,
I'm having problems escaping double quotes. Here's what I'm doing:
I'm developing a directory that will allow users to write reviews. So, I collect the review in a textarea box, and then process the data with the following:
function check_input($data, $problem='')
{
$data = trim($data);
$data = addslashes($data);
$data = htmlspecialchars($data);
if ($problem && strlen($data) == 0)
{
die($problem);
}
return $data;
}
So, the addslashes() should escape any double quotes, right? It works on single quotes. But every time I submit a review that contains double quotes, they get put in the database as " And that's how they print when I display it.
I'm certain there is a simple solution, but I'm at my wit's end! I will appreciate any tips.
Thanks,
Tom
Escaping Double Quotes
Moderator: General Moderators
Re: Escaping Double Quotes
You are instructing it to do that. Read http://www.w3schools.com/PHP/func_strin ... lchars.asp.
Re: Escaping Double Quotes
Thank you!
Re: Escaping Double Quotes
Don't use an encoding function to insert data to the database. Use the database escaping functions, such as mysql_real_escape_string()