Replace '&' with 'and' on the fly in PHP

Question

Is there a way to replace the character & with and in a PHP web form as the user types it rather than after submitting the form?

When & is inserted into our database our search engine doesn't interpret the & correctly replacing it with & returning an incorrect search result (i.e. not the result that included &).

Here is the field we would like to run this on:

<input type="text" name="project_title" id="project_title" value="<?php echo $project_title; ?>" size="60" class="btn_input2"/>

Answer 1

You can do that as they complete the form with jquery like this:

$('#input').change(function() { // edited conforming Icognito suggestion
  var some_val =  $('#input').val().replace('&', 'and');
   $('#input').val( some_val );
});

EDIT: working example (http://jsfiddle.net/4gXZW/13/)

JS:

$('.target').change(function() {
    $('.target').val($('.target').val().replace('&', 'and'));
});

HTML:

<input class="target" type="text" value="Field 1" />

---

Otherwise you can do that in PHP before the insert sql.

$to_insert = str_replace("&", "and", $_POST['your_variable']);

Answer 2

Is there a way to replace the character & with and in a PHP web form as the user types it rather than after submitting the form?

PHP is on the server, it has no control over anything taking place under any circumstances what-so-ever on the client-side. It sends raw text from the web server, a 100megaton thermonuclear device explodes, and PHP never exists anymore after the content is sent. Just the document received on your client side remains. To work with effects on your client side, you need to work with JavaScript.

To do that, you would pick your favorite JavaScript library and add an event listener for "keyup" events. Replace ampersands with "and", and drop the replacement text back in the box. mugur has posted an answer that shows you how to do this.

This is a horrible solution in practice because your users will be screaming for bloody justice to deliver them from such an awful user experience. What you've ended up doing is replacing the input text with something they didn't want. Other search tools do this, why can't yours? You hit backspace, then what? When you hit in the text, you probably lose your cursor position.

Not only that, you're treating a symptom rather than the cause. Look at why you're doing this:

The reason is when & is inserted into our database our search engine flips out and replaces it with & which then returns an incorrect result (i.e. not the result that included &).

No, your database and search engine do no such thing as "flipping out". You're not aware of what's going on and try to treat symptoms rather than learn the cause and fix it. Your symptom cure will create MORE issues down the road. Don't do it.

& is an HTML Entity Code. Every "special" charecter has one. This means your database also encodes > as > as well as characters with accents in them (such as French, German, or Spanish texts). You get "Wrong" results for all of these.

You didn't show any code so you don't get any code. But here's what your problem is.

Your code is converting raw text into HTML Entity codes where appropriate, you're searching against a non-encoded string.

Option 1: Fix the cause

Encode your search text with HTML entities so that it matches for all these cases. Match accent charecters with their non-accented cousins so searching for "francais" might return "français".

Option 2: Fix one symptom

Do a string replace for ampersands either on the client or server side, your search breaks for all other encodings. Never find texts such as "Bob > Sally". Never find "français".

Answer 3

Before submitting the form you'd need to use JavaScript to change as the user types it in. Not ideal since JS can be turned off.

You'd be much better to "clean" the ampersands after submitting but before inserting into the database.

A simple str_replace should work:

str_replace(' & ',' and ', $_POST['value']);

But as others have pointed out, this isn't a good solution. The best solution would be to encode the ampersands as they go into the database (which seems to be happening just now), then modify your search script to allow for this.