selecting and displaying data

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
QbertsBrother
Forum Commoner
Posts: 58
Joined: Thu Oct 11, 2007 10:12 am

selecting and displaying data

Post by QbertsBrother »

hello all

i have a page that has a form on it and i am selecting data from the database to populate the form.

what is happening is when i have some data that has a single or double quote the data dies at the quote.

like this.

data in the database: can't read past the quote

what is displayed on screen: can

i have tried to do a string replace and escape the quote with \ but no luck. if anyone has any input on this problem that would be great.

thanks
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Take a look at the html source, you're data is probably there but it is just not displaying correctly because it is terminating the element's quote. Reguardless, all output should always be passed through htmlspecialchars() to avoid such problems.

Code: Select all

<input name="foo" type="text" value="I"m screwing up the element becuase of my quote"> //bad
<input name="foo" type="text" value="<?php echo htmlspecialchars('I"m screwing up the element becuase of my quote'); ?>"> //good
QbertsBrother
Forum Commoner
Posts: 58
Joined: Thu Oct 11, 2007 10:12 am

Post by QbertsBrother »

thanks

the htmlspecialchars worked great.

just one more quick question.

when i have a form and i have php output the form what is the correct way to do it

should i do this

Code: Select all

<input type='text'>
or like this?

Code: Select all

<input type=\"text\">
is it incorrect to use the single quote?

thanks
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Either single or double quotes are fine, I believe. Although I'm not sure why you escaped your double quote in that example.
QbertsBrother
Forum Commoner
Posts: 58
Joined: Thu Oct 11, 2007 10:12 am

Post by QbertsBrother »

if i do something like this

Code: Select all

$output = "<input type="text">";

print $output;
there is an error

Code: Select all

$output = "<input type=\"text\">";

print $output;
but that works. or if you change the escaped double quotes with a single quote. but i heard someplace that you should use the double quotes instead of the single quotes.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Either way is fine.
Post Reply