Escaping Double Quotes

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
tfloyd
Forum Newbie
Posts: 2
Joined: Fri Aug 21, 2009 5:56 pm

Escaping Double Quotes

Post by tfloyd »

Hello,

I'm having problems escaping double quotes. Here's what I'm doing:

I'm developing a directory that will allow users to write reviews. So, I collect the review in a textarea box, and then process the data with the following:

function check_input($data, $problem='')
{
$data = trim($data);
$data = addslashes($data);
$data = htmlspecialchars($data);
if ($problem && strlen($data) == 0)
{
die($problem);
}
return $data;
}

So, the addslashes() should escape any double quotes, right? It works on single quotes. But every time I submit a review that contains double quotes, they get put in the database as " And that's how they print when I display it.

I'm certain there is a simple solution, but I'm at my wit's end! I will appreciate any tips.

Thanks,

Tom
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Escaping Double Quotes

Post by califdon »

You are instructing it to do that. Read http://www.w3schools.com/PHP/func_strin ... lchars.asp.
tfloyd
Forum Newbie
Posts: 2
Joined: Fri Aug 21, 2009 5:56 pm

Re: Escaping Double Quotes

Post by tfloyd »

Thank you!
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Escaping Double Quotes

Post by Eran »

Don't use an encoding function to insert data to the database. Use the database escaping functions, such as mysql_real_escape_string()
Post Reply