Escaping doublequotes in a text field

Anon

OK, this is more of an HTML thing, but...

I have a registration form for my applicatino, where people register usernames to log in and use it. However, if they input a doublequote (") and then don't complete the form in the correct manner, which then would send them back with an error message, it then escapes the " with a \ so that it's \", inside the value="stuff" attribute in the <input type="text"> tag.

However, it doesn't really escape it. If I send in the username "I am "testing" this", it then prints out when it loops back this input field: <input type="text" name="user" size="30" maxlength="50" value="I am \"testing\" this"> However, when the browser displays it, what it shows in the value of the field is "I am \" and nothing else. How do I escape characters for this?

--Jason

ace21

Actually better than a response would be a link to something that helps with the handling of escape characters between php and html. I fight with this problem all the time and just want to know what is considered the best way of handling it.

Ace21

Anon

Well, since HTML does not support double quotes inside of double quotes, you should replace the quotes in the value="" tag with ", the HTML alternative for quotes.

Hope that helps 🙂