Hi guys.

I am having all kinds of trouble with single and double quotes when saving and retrieving form values from the database, and then re-displaying them on the page (inside form elements, so my customer can make updates).

What I mean by this is, I am in the process of building a customer a little content management system and if I type double quotes inside a (input text) form field and save the value and try retrieving the value (using double quotes to actually retrieve the value (which itself contains double quotes)), it is confusing the code..... And vice versa regarding single quotes.

I have tried playing around with heredoc and nowdoc, but I am having no luck.

I guess what I am asking is, can you recommend any functions which I can pass my values to, which will allow me to use double and single quotes without it confusing the code, and value attributes, etc?

Paul.

    Hi guys, further to my above post.

    the problem I am having is specifically with the value attribute used in conjunction with the input element.

    Here is a snippet of my code (to help illustrate things better):

    <form action="editarticle.php?id=<?php echo $article->getValueEncoded("id") ?>" method="post" enctype="multipart/form-data">
<label for="articleauthor">Author Name:</label>
<input type="text" name="articleauthor" value="<?php echo $article->getValue("articleauthor"); ?>"><br><br>

<label for="articletitle">Article Title:</label>
<input type="text" name="articletitle" value="<?php echo $article->getValue("articletitle"); ?>"><br><br><br>

<input type="hidden" name="sendform" value="1">

<h2 style="font-style: italic; color: red; font-size: 20px;">Only choose an image (below) if you want to change the existing one, you uploaded previously!</h2>
<label for="articleimg">Article Image:</label>
<input type="file" name="articleimg" value=""><br><br><br><br>


<label for="articletext" style="vertical-align: top;">Artical Text:</label>
<textarea name="articletext" style="width:1000px; height: 500px;">
<?php echo $article->getValue("articletext"); ?>
</textarea><br>

<input type="submit" name="update_me" value="Update Article" style="margin-left: 95px; margin-top: 35px;">

</form>

    The above form is used on my customer's admin 'edit' page.

    So, for example, the following code:

    <input type="text" name="articletitle" value="<?php echo $article->getValue("articletitle"); ?>">

    ...... echos a value already saved in the database and displays it within the input form field, so my client can edit/modify it (if he wants).

    But it seems to me that, because the php is running inside the value attribute:

    value="<?php echo $article->getValue("articletitle"); ?>"

    ....... which itself uses double quotes, I can't use double quotes without it causing malfunctions in my code.

    And furthermore, if I try to use single quotes within the getValue() method (or vice versa), it still causes the text string not to display within the input field, for my client to update (if the string includes double/single quotes).

    I hope this make better sense now?

      If you want to output the retrieved text into an HTML tag's value attribute, apply either the [man]htmlspecialchars/man or [man]htmlentities/man function to it.

        Thanks. Originally I was using the htmlspecialchars() function, but it was preventing my client from being able to use characters such as !"£$%&*() , etc.

        Obviously, this is bad if he just happens to want to use the 'ampersand' symbol, or a 'dollar' sign, etc, etc.

        You can understand how using htmlspecialchars() limits what characters my customer can type??

          It will cause problems if you use it on stuff they enter, instead of stuff you display in HTML as you are doing here.

            Write a Reply...