in htmlentities() use the second optional argument with a value of ENT_QUOTES, which will escape also single quotes and is not the default. Satyam ps: which I didn't know and just read in the manual. "Leila Lappin" <galaxylappin@xxxxxxxxxxxxx> wrote in message news:JGENLMMBFKOGCEDPPLENCEAKCDAA.galaxylappin@xxxxxxxxxxxxxxxx > Hello all, > > I hope this hasn't been answered a zillion times already, I've tried > everything I know and nothing has worked. The following is the PHP > statement > and the HTML rendering. The apostrophe is displayed as is and breaks the > browser. May be I am wrong but I was under the impression that escaping > special characters with one of the these, htmlspecialchars, htmlentities, > and addslashes would replace them with encoded (hex?) value so they wont > break the browser. But it hasn't worked that way. I am using > charset=iso-8859-1. This is my PHP: > > === This is the PHP === > <li> > <a href="#" > onclick='document.form1.how.value="<?=htmlentities($row['how'])?>"; > document.form1.factor.value="<?=addslashes($row['factor'])?>";document.form1 > ..submit();'><?= addslashes($row['factor'])?> > </a> > </li> > > ====== This is the rendering ======= > ====== (note the heart's apostrophe breaks IE and firefox) === > <li> > <a href="#" onclick='document.form1.how.value="Pulmonary edema is a > condition in which fluid accumulates in the lungs, usually because the > heart's left ventricle does not pump adequately. In cases of severe > pulmonary edema, the symptoms will worsen and include A drop in blood > pressure resulting in a thready pulse."; > document.form1.factor.value="Pulmonary > edema";document.form1.submit();'>Pulmonary edema > </a> > </li> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
