PHP - Show special characters

Question

Snippet to allow user input

//fetch user input and pass it in URL
alertify.prompt("Please enter note/remarks for this Form (optional):", function (e,value) {
    if (e) {
               alertify.success("Form has been submitted");
               $.post(SITE_URL+"someController/someAction",$("#frm_submit").serialize()+ "&user_id="+user_id+"&comment="+value, function( data ) {
           });

    }else{
       alertify.error("Your Form is not submitted");
    }
});

User Input: My Project Google R&D for every googler

When form is post the input is not complete and shows like below

echo $_POST['comment'] prints My Project Google R

Here if user inputs special characters like & as in comment, it breaks the input

Tried using htmlentities($_POST['comment']) and htmlspecialchars($_POST['comment'], ENT_QUOTES, 'UTF-8') but not working.

How could I allow user to input special characters ?

P.S : I am not saving this value in Database

Answer 1

As Daan Suggested, & breaks the URL in javascript. Pls find updated snippet that worked for me

//fetch user input and pass it in URL
alertify.prompt("Please enter note/remarks for this Form (optional):", function (e,value) {
    if (e) {

               alertify.success("Form has been submitted");

               //encodes special characters in user comment
               var comment = encodeURIComponent(value);

               $.post(SITE_URL+"someController/someAction",$("#frm_submit").serialize()+ "&user_id="+user_id+"&comment="+comment, function( data ) {
           });

    }else{
       alertify.error("Your Form is not submitted");
    }
});

Answer 2

Try this:

stripslashes($_POST['comment'])

Answer 3

Use post parameters to send your data.

$.ajax({
  type: "POST",
  url: your_url,
  data: { user_id: user_id, comment: value } 
});