RE: Select Value with 's


 



Thanks John for the answer.... But...

Now my select statement on the Result.php page errors out when
the value has the ['] in it..... What the select statement looks like now
is

Select *
From customer
Where customer.customer LIKE 'St Mary's Hospital'

Error message is

Warning mysql_fetch_array(): supplied argument is not a valid MySQL result





-----Original Message-----
From: CPT John W. Holmes [mailto:holmes072000@xxxxxxxxxxx] 
Sent: Wednesday, November 05, 2003 1:45 PM
To: Aleks @ USA.net; 'ma'; 'PHP-DB'
Subject: Re:  Select Value with 's

From: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
> First I build my select list:
>
>     <SELECT NAME="Cid" size="1">
>     <OPTION Selected VALUE="">All Customers</OPTION>
>
> <?
>  While ($Site = mysql_fetch_array($S))  {
>   $Sid = $Site["CID"];
>   $SName = htmlspecialchars($Site["Customer"]);
>   echo("<option value='$SName'>$SName</option>\n");

Easy fix: echo("<option value=\"$SName\">$SName</option>\n");

Long version:

htmlspecialchars() does not change single quotes unless you pass ENT_QUOTES
as the second parameter. What you're ending up with is a value such as:

value='St. Mary's'

which HTML will interpret as a value of "St. Mary" and an unknown s'
attribute. So,

$SName = htmlspecialchars($Site["Customer"], ENT_QUOTES);
echo("<option value='$SName'>$SName</option>\n");

will convert single quotes to HTML entities and not affect the value.

The "easy fix" above works because it uses double quotes around the value
and htmlspecialchars() already changes double quotes by default.

---John Holmes...

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
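
Added example, not part of the original thread: the two encoding steps the messages above touch on, HTML-attribute encoding with explicit htmlspecialchars() flags, and a bound parameter for the LIKE value so the apostrophe cannot end the SQL string. It assumes PDO with an in-memory SQLite table standing in for the thread's MySQL customer table (the mysql_* functions used in the thread were removed in PHP 7); the sample name and rows are constructed.

```php
<?php
// Added example: the table, rows and variable names are constructed for illustration.
$name = "St. Mary's Hospital";   // constructed value containing an apostrophe

// 1. HTML side: encode for the quote style used around the attribute.
//    Flags are passed explicitly because the default differs between PHP versions.
$compat = htmlspecialchars($name, ENT_COMPAT);  // leaves ' alone: unsafe inside value='...'
$quotes = htmlspecialchars($name, ENT_QUOTES);  // ' becomes &#039;: safe in either quote style
echo "<option value='$compat'>   <- attribute value ends after \"St. Mary\"\n";
echo "<option value='$quotes'>$quotes</option>\n";

// The browser decodes entities before submitting the form, so the script that
// receives the value sees the raw apostrophe again.
$submitted = html_entity_decode($quotes, ENT_QUOTES);

// 2. SQL side: in-memory SQLite stands in for the MySQL customer table (assumption).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customer (cid INTEGER PRIMARY KEY, customer TEXT)');
$db->exec("INSERT INTO customer (customer) VALUES ('St. Mary''s Hospital'), ('General Clinic')");

// Concatenating the value reproduces the failure: the apostrophe closes the
// string literal early and the rest of the name is parsed as SQL.
$broken = "SELECT * FROM customer WHERE customer LIKE '$submitted'";
try {
    $db->query($broken);
} catch (PDOException $e) {
    echo "concatenated query failed: ", $e->getMessage(), "\n";
}

// Binding the value keeps it as data, whatever characters it contains.
$stmt = $db->prepare('SELECT cid, customer FROM customer WHERE customer LIKE ?');
$stmt->execute([$submitted]);
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
    echo "matched: {$row['cid']} {$row['customer']}\n";
}
```

The same bound-parameter form works against MySQL by changing only the PDO connection string.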

