Page 1 of 1

Odd Single Quotes Issues

Posted: Fri Sep 18, 2009 1:48 am
by buywithcredit
For some reason, people who submit data with this type of single quote (’ -- Type A) causes premature truncation in my database insert statement while PHP's internal magic quotes will escape this type of single quote (' -- Type B). My question is how can replace Type A with Type B using preg_replace. I can't seem to save code to find that particular quote, because of encoding issues. What am I to do? How can I detect that type of quote is being submitted? Thanks.

Re: Odd Single Quotes Issues

Posted: Fri Sep 18, 2009 5:48 am
by turbolemon
You could try this

Code: Select all

$codes = array (
"\x2019" => "'",
"\xE2\x80\x98", => "'" //Example multi-byte / multi-character replacement
);
$output = strtr($source,$codes);
This will replace all characters which code is 2019 (RIGHT SINGLE QUOTATION MARK?) with the ascii single quote character. You can also add multi-byte character strings to the codes array, as is shown in the second member of the $codes array. Using the code representation gets round your encoding issue.

Also, you can add any other characters you wish to replace to the $codes associative array. I use the Firefox Add-on "Character Identifier", which provides a context menu item that allows you to select characters in a document and identify each character code. https://addons.mozilla.org/en-US/firefox/addon/3929. It shows Unicode characters as U+xxx, the code you require being U+2019.

Hope that helps!

Re: Odd Single Quotes Issues

Posted: Fri Sep 18, 2009 5:52 am
by jackpf
Surely if you just run the input through your database's escape string function, all kinds of quotes would be taken care of?

Re: Odd Single Quotes Issues

Posted: Fri Sep 18, 2009 6:46 am
by Ollie Saunders
For some reason, people who submit data with this type of single quote (’ -- Type A) causes premature truncation in my database insert statement
What database are you using? What character set is the table/field you're inserting into configured to accept?

If you're using MySQL, disable magic_quotes and escape quotes manually using mysql_real_escape_string().