Echo in xhtml input 'value' attribute
Posted: Thu Nov 10, 2005 3:56 pm
Hey guys,
I have a 'profile' table where users can optionally fill out inputs like 'occupation', 'favorite food', etc.
The form for updating your profile pulls any existing profile fields from the user's profile records and adds the respective values to the text inputs of the form... for instance:
$row['quote'] is the current quote that was orginally inputted by the user. The problem with the code above is that with quotes, the user will type in the text box a quote with actual "quotation" marks around it... like so...
"To the winner goes the spoils"
When the input is placed in the DB, I run it through 'escape_data()' function (my own) which runs it through mysql_real_escape_string(). But because it has quotes around it, it is cancelling out the 'value=' attribute early in the XHTML input code. How can I get around this and how do I display data that was inputted with quotes in it in such 'input HTML' code as above?? Thanks for your help. Take care.
I have a 'profile' table where users can optionally fill out inputs like 'occupation', 'favorite food', etc.
The form for updating your profile pulls any existing profile fields from the user's profile records and adds the respective values to the text inputs of the form... for instance:
Code: Select all
<!-- QUOTE -->
<p><strong>Favorite Quote:</strong> <input type="text" name="quote" size="40" maxlength="250" value="
<?php if (isset($row['quote'])) echo $row['quote']; ?>" /></p>$row['quote'] is the current quote that was orginally inputted by the user. The problem with the code above is that with quotes, the user will type in the text box a quote with actual "quotation" marks around it... like so...
"To the winner goes the spoils"
When the input is placed in the DB, I run it through 'escape_data()' function (my own) which runs it through mysql_real_escape_string(). But because it has quotes around it, it is cancelling out the 'value=' attribute early in the XHTML input code. How can I get around this and how do I display data that was inputted with quotes in it in such 'input HTML' code as above?? Thanks for your help. Take care.