Problems with single and double quotes when saving and retrieving form values.
Results 1 to 5 of 5

Thread: Problems with single and double quotes when saving and retrieving form values.

  1. #1
    Senior Member Paul help!'s Avatar
    Join Date
    Aug 2013
    Location
    Manchester, England.
    Posts
    251

    Problems with single and double quotes when saving and retrieving form values.

    Hi guys.

    I am having all kinds of trouble with single and double quotes when saving and retrieving form values from the database, and then re-displaying them on the page (inside form elements, so my customer can make updates).

    What I mean by this is, I am in the process of building a customer a little content management system and if I type double quotes inside a (input text) form field and save the value and try retrieving the value (using double quotes to actually retrieve the value (which itself contains double quotes)), it is confusing the code..... And vice versa regarding single quotes.

    I have tried playing around with heredoc and nowdoc, but I am having no luck.

    I guess what I am asking is, can you recommend any functions which I can pass my values to, which will allow me to use double and single quotes without it confusing the code, and value attributes, etc?

    Paul.
    Last edited by Paul help!; 08-12-2017 at 02:24 PM.

  2. #2
    Senior Member Paul help!'s Avatar
    Join Date
    Aug 2013
    Location
    Manchester, England.
    Posts
    251
    Hi guys, further to my above post.

    the problem I am having is specifically with the value attribute used in conjunction with the input element.

    Here is a snippet of my code (to help illustrate things better):

    PHP Code:
    <form action="editarticle.php?id=<?php echo $article->getValueEncoded("id"?>" method="post" enctype="multipart/form-data">
    <label for="articleauthor">Author Name:</label>
    <input type="text" name="articleauthor" value="<?php echo $article->getValue("articleauthor"); ?>"><br><br>

    <label for="articletitle">Article Title:</label>
    <input type="text" name="articletitle" value="<?php echo $article->getValue("articletitle"); ?>"><br><br><br>

    <input type="hidden" name="sendform" value="1">

    <h2 style="font-style: italic; color: red; font-size: 20px;">Only choose an image (below) if you want to change the existing one, you uploaded previously!</h2>
    <label for="articleimg">Article Image:</label>
    <input type="file" name="articleimg" value=""><br><br><br><br>


    <label for="articletext" style="vertical-align: top;">Artical Text:</label>
    <textarea name="articletext" style="width:1000px; height: 500px;">
    <?php echo $article->getValue("articletext"); ?>
    </textarea><br>

    <input type="submit" name="update_me" value="Update Article" style="margin-left: 95px; margin-top: 35px;">

    </form>

    The above form is used on my customer's admin 'edit' page.

    So, for example, the following code:

    PHP Code:
    <input type="text" name="articletitle" value="<?php echo $article->getValue("articletitle"); ?>">
    ...... echos a value already saved in the database and displays it within the input form field, so my client can edit/modify it (if he wants).

    But it seems to me that, because the php is running inside the value attribute:

    PHP Code:
    value="<?php echo $article->getValue("articletitle"); ?>"
    ....... which itself uses double quotes, I can't use double quotes without it causing malfunctions in my code.

    And furthermore, if I try to use single quotes within the getValue() method (or vice versa), it still causes the text string not to display within the input field, for my client to update (if the string includes double/single quotes).


    I hope this make better sense now?
    Last edited by Paul help!; 08-12-2017 at 07:20 PM.

  3. #3
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    14,887
    If you want to output the retrieved text into an HTML tag's value attribute, apply either the htmlspecialchars() or htmlentities() function to it.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  4. #4
    Senior Member Paul help!'s Avatar
    Join Date
    Aug 2013
    Location
    Manchester, England.
    Posts
    251
    Thanks. Originally I was using the htmlspecialchars() function, but it was preventing my client from being able to use characters such as !"$%^&*() , etc.

    Obviously, this is bad if he just happens to want to use the 'ampersand' symbol, or a 'dollar' sign, etc, etc.

    You can understand how using htmlspecialchars() limits what characters my customer can type??
    Last edited by Paul help!; 08-12-2017 at 08:36 PM.

  5. #5
    Pedantic Curmudgeon Weedpacket's Avatar
    Join Date
    Aug 2002
    Location
    General Systems Vehicle "Running Gear"
    Posts
    22,543
    It will cause problems if you use it on stuff they enter, instead of stuff you display in HTML as you are doing here.
    THERE IS AS YET INSUFFICIENT DATA FOR A MEANINGFUL ANSWER
    FAQs! FAQs! FAQs! Most forums have them!
    Search - Debugging 101 - Collected Solutions - General Guidelines - Getting help at all

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •