Reputation: 48485
I have the following code:
<input type="text" value="<?php echo $_GET['msg']; ?>">
This input is automatically filled with the name that was written on the previous page. So, if the user wrote: i like "apples" and banana, the input will be broken because it will close the tag after the double quotes. I know I can avoid that by HTML entity encoding the value, but I don't want this; is there another solution, or is there an <<< EOD in HTML?
Thanks
Upvotes: 0
Views: 2225
Reputation: 11
One function or another will cause some kind of trouble.
I came up with the following to keep the ampersand:
<input type="text" value="<?php echo parseString($_GET['msg']); ?>">
<?php
// Replace only the two quote characters with their entities so the
// attribute value cannot be closed early; '&' (and '<', '>') are
// intentionally passed through unchanged.
function parseString($str) {
    $result = str_replace('"', '&quot;', $str);
    $result = str_replace("'", '&#039;', $result);
    return $result;
}
Upvotes: 1
Reputation: 449435
htmlentities() / htmlspecialchars() is the standard way for this. You should use it.
You can always decode the entities before you send them by e-mail, or do something else with them, using html_entity_decode().
Upvotes: 2
Reputation: 401002
You should use the htmlspecialchars function to escape the output for HTML:
<input type="text" value="<?php echo htmlspecialchars($_GET['msg']); ?>">
Note: you might have to add some additional parameters if you are not using ISO-8859-1 as charset; for example, with UTF-8:
<input type="text" value="<?php echo htmlspecialchars($_GET['msg'], ENT_COMPAT, 'UTF-8'); ?>">
Upvotes: 2
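As an added example (not code from the question or from any of the answers), the script below puts the three approaches side by side on the question's own input plus one constructed value with '&', '<' and a single quote: the raw echo, the quote-only replacement from the first answer, and htmlspecialchars() with ENT_QUOTES and an explicit charset. The function names quotesOnly() and attr() are my own.

```php
<?php
// Added example: raw echo vs. quote-only replacement vs. htmlspecialchars()
// inside an HTML attribute value. Sample inputs are constructed.
declare(strict_types=1);

$samples = [
    'i like "apples" and banana',     // the value from the question
    'Tom & Jerry <3 \'pears\'',       // constructed: &, < and a single quote
];

// First answer's idea: only the two quote characters become entities.
// '&', '<' and '>' are left as-is, so the attribute stays closed but the
// rest of the markup inside it is not escaped.
function quotesOnly(string $str): string
{
    $result = str_replace('"', '&quot;', $str);
    return str_replace("'", '&#039;', $result);
}

// Recommended: escape &, <, >, " and '. ENT_QUOTES (rather than ENT_COMPAT
// from the third answer) also covers single-quoted attributes; naming the
// charset avoids mis-decoding multibyte input.
function attr(string $str): string
{
    return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
}

foreach ($samples as $msg) {
    echo 'raw:        <input type="text" value="' . $msg . '">' . "\n";
    echo 'quotesOnly: <input type="text" value="' . quotesOnly($msg) . '">' . "\n";
    echo 'escaped:    <input type="text" value="' . attr($msg) . '">' . "\n\n";

    // The browser decodes the entities when it reads the attribute, so the
    // user sees and submits the original text; htmlspecialchars_decode()
    // models that step. No separate decode is needed on the way out unless
    // the already-escaped string was stored somewhere.
    if (htmlspecialchars_decode(attr($msg), ENT_QUOTES) !== $msg) {
        throw new RuntimeException('round trip changed the value');
    }
}
```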