limshiq
Reputation: 21
Trouble reading escape characters from an input value
So right now my input form looks something like this
<form method = "post" action = "Display_Department_Info.php">
Select Department :
<select name = "dept">
<option value="" selected >-- Select One--</option>
<?php
$conn = mysqli_connect('localhost', 'root', 'root', 'DM Phase 2');
if(!$conn) {
echo "Failed to connect to MySQL: ".mysqli_connect_error();
}
$result = mysqli_query($conn, 'select name from department');
while($row = mysqli_fetch_array($result)) {
$val = $row['name'];
echo "<option value ='".$val."'>".$val."</option>";
}
mysqli_close($conn);
?>
</select>
<input type = "submit" value = "Submit" />
</form>
but when I use the following command to read $_POST[dept] for a particular input
"Children's IKEA", it only displays "Children"
This is my reading code.
$departmentinput = mysql_real_escape_string("$_POST[dept]");
Please help! thank you :3
Upvotes: 0
Views: 37
Answers (1)
AbraCadaver
Reputation: 78994
The ' is breaking it because you are using ' to quote the value:
$val = htmlspecialchars($row['name'], ENT_QUOTES);
//or
$val = htmlentities($row['name'], ENT_QUOTES);
Upvotes: 1
Related Questions
- PHP: Can't escape characters in for inputs
- php and special characters
- Escape double quotes in input value
- escape character not working as expected
- PHP escaping input variables
- PHP Escape Characters being pulled
- Escaped characters in string from submitted form
- How to escape input in PHP?
- escape character problem
- escaping input in php