|
| Stephen Smith wrote:
> OK guys, here is my delima, which is probably very easy to solve, but I can't seem to find it. I am trying to get form fields to accept apostrophes within the input and stop crashing on me. I'm writing forms into a mysql database and everything works
great unless the user enters a word like "won't" or "can't". Them it crashes during the form submit. What can I do to fix this stupid thing anyway?
Are you having issues displaying the data or saving it to a database?
If it's going into a database, use the appropriate escape_string
function. Eg mysql_real_escape_string (php.net/mysql_real_escape_string)
or pg_escape_string (php.net/pg_escape_string) or as a last resort
addslashes (php.net/addslashes)
When you display the data back, use htmlspecialchars or htmlentities.
Read http://phpsec.org/projects/guide/3.html for more info.
--
Postgresql & php tutorials
http://www.designmagick.com/
|
|