I'm sure this is old news, but I've spent hours on the web looking for a solution to no avail. I have a site driven by mysql. One of the tables is called 'clients'. Many of these clients have apostrophes in their names. On an admin page that I've created within the site I have a form that dynamically calls in the client name to a textfield for editing. Everything after the apostrophe drops off.
I'm adding to the database using addslashes (and have also tried htmlspecialchars) and stripping slashes for display. If I echo the results outside of the textfield, they're fine. It's just when I try to show them IN the textfield all goes awry.
htmlentities() only converts double quotes by default and since you're using single quotes for the delimiter it doesn't work. So here are two ways that work:
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.