You would need to use htmlentities() to escape the quotes if that's the case.
Chris
S.D.Price wrote:
Hi can anyone help. I have a news blog system where a user can add news stories to a database. As part of the data validation I indicate when the user has not entered data correctly and allow then to re-enter data in a n error prompt form
However if the user has entered quotes the error prompt form does not display the information correctly. For example if I enter Steven's news blog in the original form then either steven (non-escaped quotes) or steven\ (escaped quotes) will appear in the error prompt form. This is because the html value attribute is ended prematurely.
I can't find any solution to this, can anyone help?
Thanks Steve
-- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
