I have a value saved in mysql table like this:
{"name":"poppy"}
When I need to place another symbol " for example to name it "Cheeps and Potatoes", it's saved in mysql table with \". Up to now all ok. This seems to me ok. Escape character added.
I restore the value twice, now...
Into a textfield in order to edit the value of name.
And also as plain value in order to view it.
As plain value, I can see the text "Cheaps and Potatoes"
but in textfield, I see void! Why ?!
I use php 5.2, mysql 5.1, and plain html.
That function is... awkward. You replace quotation marks with apostrophes, and then you replace the apostrophes with quotation marks...
Get rid of the str_replace and the ereg_replace, and use htmlspecialchars() instead.
6 1925
show us the section of the code that has a problem. I'm having a hard time dissecting your question.
Dan
No idea what OP is asking, but make sure that magic_quotes are off are that you are properly escaping data before entering it into your database.
-
public static function textfield($name, $value, $edit) {
-
if ($edit) {
-
print $value . "<BR/>";
-
$str2 = str_replace('"', "'", $value);
-
$str2 = ereg_replace( chr(ord("'")), "\"", $str2);
-
print $str2;
-
print( "<input id = \"$name\" name=\"$name\" type=\"text\" size=\"60px\" value=\"$str2\"/>");
-
} else {
-
print( "$value");
-
}
-
}
-
Above is the section I am talking about.
What is says is: If you got to edit the value, render an input of type=text. ( Please omit the lines that do str_replace as these lines with the next ereg_replace, was just my try-and-error. )
When I have a value like "Cheaps" and "Dales" for example, it is rendered quite well when NOT in edit state. But in edit state, I lose everything after (").
If I have a value, plain: Cheaps and Dales, everything is just fine.
That function is... awkward. You replace quotation marks with apostrophes, and then you replace the apostrophes with quotation marks...
Get rid of the str_replace and the ereg_replace, and use htmlspecialchars() instead.
O-M-G! Was that awful simple? :-)
Sure hadn't any clue about this function! Thank you very much Kovin!
For the record, I tried to make replacements in order to manipulate the symbols...And really it makes me a bit worry, why didn't catch the trick....but the thing now is that it works!
Thank you!
No problem.
What you were doing was escaping the quotation marks. That works in strings (such as inputting data to the database), but not in HTML. The htmlspecialchars() function converts them to HTML entities (i.e. "), which is like escaping th quotes for HTML.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Norman Uhlenkott |
last post by:
I would like to be able to put in special character inside
an xml data string (#, <, >, &).
when it trys to parses out the XML String it errors out
strXML = "<?xml version='1.0'?>" & vbCRLF...
|
by: Ray |
last post by:
In vb.net response.write ("""haha""") this will return a "haha
In c# the same code will return an error
How do I correct the error in c#
Actually, I have a stringbuilder and...
|
by: The Bicycling Guitarist |
last post by:
A browser conforming to HTML 4.0 is required to recognize &#number;
notations.
If I use XHTML 1.0 and charset UTF-8 though, does é have as much
support as é ?
Sometimes when I run...
|
by: Ozer |
last post by:
Hi friends,
I wanna ask something. I use javascript menu on my user interface. And the
js files contains special(turkish) character. I need to use codepage=1254
attribute in my @Page tag. If i...
|
by: sonald |
last post by:
Dear All,
I am working on a module that validates the provided CSV data in a text
format, which must be in a predefined format.
We check for the :
1. Number of fields provided in the text file,...
|
by: Diilb |
last post by:
I am using DOM to create an rss feed. The problem I am running into
is "special characters" such as é è ç. If I try adding them to the
XML as character data (CData), DOM chokes and throws out...
|
by: jeyabarani |
last post by:
Hi guys,
I want to check whether the user has entered any special characters in a text box.
If the user enters, i want to display an alert message stating that he cant enter a special character...
|
by: kaleeswaran |
last post by:
Hi!
i am handling password generation module.....
i need to force the user enter the special character in their password thing.so i need to handle the special character.so...
|
by: Ragavendran |
last post by:
Hi,
I am using this method for search:
Query =org.apache.lucene.queryParser.QueryParser.parse(String arg0) throws ParseException
Hits = org.apache.lucene.search.Searcher.search(Query query,...
|
by: dinesh1985singh |
last post by:
Hello Everyone,
In my database I found few special character,these special character were get stored even after using proper function for striping out these character,like mysql_real_escape...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
| |