Re: htmlentities() does not remove escape

On Sun, January 27, 2008 12:27 pm, jekillen wrote:
> Hello:
> I have a form that has a textarea and I do not want to
> disallow the use of single quote as apostrophe, or
> for any other normal stylization. So I am using html
> entities to change these characters into html entities.
> But the function does not remove the escapes added
> by the browser when sending the input.
> Is there a special function in php for removing the \ escapes
> as well?
> My plan b would be to look for a similar function in javascript
> and convert to html entities before the input is sent to the
> server.
> I want to screen for damaging code but do not want to
> prevent legitimate use of punctuation. If the input in the
> text field is then displayed as html (which it will be) I do
> not want things like 'It\'s a nice day' showing up in the
> html.

If you are using htmlentities (et al) correctly, you should not get an
"extra" \ in the browser, not even in the textarea, and most
especially not coming back into your input $_POST data.

Check that you don't have Magic Quotes "on" as well as using
mysql_real_escape_string.

Also check that you aren't doing htmlentities/htmlspecialchars twice.

Somewhere, somehow, you're probably adding an EXTRA \ in your code.

If you have to use stripslashes() you've done something wrong in the
first place...

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
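
The double-escaping checks from the reply above, as an added example that is not part of the original message: it shows where the stray backslash comes from when Magic Quotes and SQL escaping are both applied, and what encoding twice does to the output. Assumptions: the sample text is constructed, addslashes() stands in for Magic Quotes, and storeAndFetch() and render() are hypothetical helpers, with storeAndFetch() modelling a database round trip rather than calling a real driver.

```php
<?php
// Constructed sample: what the user typed into the textarea.
$typed = "It's a <b>nice</b> day";

// Magic Quotes (removed in PHP 5.4) applied the equivalent of addslashes()
// to request data, so this simulates $_POST['comment'] with the setting on.
$postMagicOn  = addslashes($typed);
$postMagicOff = $typed;

// Hypothetical helper standing in for a database round trip: the value is
// escaped into a SQL string literal, and the SQL parser consumes exactly one
// layer of escaping. addslashes()/stripslashes() model that here; real code
// would use the driver's escaping or a prepared statement.
function storeAndFetch(string $value): string
{
    $sqlLiteral = addslashes($value);
    return stripslashes($sqlLiteral);
}

// Encode for HTML only at output time, and only once.
function render(string $stored): string
{
    return htmlentities($stored, ENT_QUOTES, 'UTF-8');
}

$cases = [
    // Two layers of escaping go in, one comes out: a backslash is stored.
    'magic quotes on + SQL escaping' => render(storeAndFetch($postMagicOn)),
    // One layer in, one layer out: the stored text is what the user typed.
    'raw input + SQL escaping'       => render(storeAndFetch($postMagicOff)),
    // Encoding already-encoded text turns every "&" into "&amp;".
    'htmlentities applied twice'     => render(render(storeAndFetch($postMagicOff))),
];

foreach ($cases as $label => $html) {
    printf("%-32s %s\n", $label, $html);
}
```

Only the second case displays the apostrophe and the literal tag text cleanly in the browser; the first shows the backslash, and the third shows the entity codes themselves.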