Page 1 of 1

[SOLVED] Escaped single quote not rendered properly in html

Posted: Mon Feb 14, 2005 8:27 am
by voltrader
In an editing screen, I populate forms with previously entered values.

I have set php_value magic_quotes_gpc 0 in .htaccess

Code: Select all

<input type='text' name='title' value='$title' size='50'>
If $title contains an apostrophe and is escaped, like $title='Bob''s' the HTML is still rendered as Bob\.

textarea single quotes render ok:

Code: Select all

<textarea name='title'>$title</textarea>
i.e. Bob's

Anyone know why the escaped single quote in the input=text area is not rendering single quotes?

Posted: Mon Feb 14, 2005 8:32 am
by JayBird
Use double quotes for your form tag attributes

Code: Select all

<input type="text" name="title" value="$title" size="50">
otherwise, when you enter the value the HTML will look like this

Code: Select all

<input type='text' name='title' value='Bob''s' size='50'>
See how that will coonfuse the HTML parser. It will think the value attribute finsihes after the backslash becuase escape characters have no effect in HTML

Posted: Mon Feb 14, 2005 8:35 am
by voltrader
got it... thanks!