Escaping Double Quotes
Posted: Fri Aug 21, 2009 6:09 pm
Hello,
I'm having problems escaping double quotes. Here's what I'm doing:
I'm developing a directory that will allow users to write reviews. So, I collect the review in a textarea box, and then process the data with the following:
function check_input($data, $problem='')
{
$data = trim($data);
$data = addslashes($data);
$data = htmlspecialchars($data);
if ($problem && strlen($data) == 0)
{
die($problem);
}
return $data;
}
So, the addslashes() should escape any double quotes, right? It works on single quotes. But every time I submit a review that contains double quotes, they get put in the database as " And that's how they print when I display it.
I'm certain there is a simple solution, but I'm at my wit's end! I will appreciate any tips.
Thanks,
Tom
I'm having problems escaping double quotes. Here's what I'm doing:
I'm developing a directory that will allow users to write reviews. So, I collect the review in a textarea box, and then process the data with the following:
function check_input($data, $problem='')
{
$data = trim($data);
$data = addslashes($data);
$data = htmlspecialchars($data);
if ($problem && strlen($data) == 0)
{
die($problem);
}
return $data;
}
So, the addslashes() should escape any double quotes, right? It works on single quotes. But every time I submit a review that contains double quotes, they get put in the database as " And that's how they print when I display it.
I'm certain there is a simple solution, but I'm at my wit's end! I will appreciate any tips.
Thanks,
Tom