Jochem Maas wrote:
Angelo Zanetti wrote:
Hi all.
I have a situation where people enter values into a textfield can
include the following:
1 ! 2 @ 3 # 4 $ 5 % 6 ^ 7 & 8 * 9 ( 10 ) 11 ; 12 : 13 " 14 ' 15 ? 16 -
17 _ 18
now once the move to another page and then come back to the page where
the textfield is I echo out the value they previously entered, from a
session variable. When the values are saved in a session
variable I addslashes and when I echo I stripslashes, however because
of the " double quote it screws up my page. because the textfield's
value is escaped prematurely.
<input name="subject" type="text" class="textbox" id="subject4"
value="<?php
if (isset($_SESSION['subject']))
echo stripslashes($_SESSION['subject']);
?>" size="90" maxlength="250"
onBlur="writeSubject();">
do this:
echo htmlentities($_SESSION['subject'], ENT_QUOTES);
stripslashes() and addslashes() are for dealing with the nightmare that is
known as 'magic quotes' - add are not to be used to escape output (there
is probably
a caveat but I can't think of one).
thanks it works well but now say the user has entered: My "FIrst" book
it gets returned as My \"FIrst\" book is there a way for it to be returned as it was originally entered?
thanks again!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
