PHP and HTML input

Question

scrupply 0 Newbie Poster

14 Years Ago

I am having a problem spitting out text saved into a MySQL database and displaying it in an HTML form input field. The text will spit out fine unless there is a single or double quote, then the text is spit out until the quote. The text is all in the database with the escaped slash and the the quotes but when accessing the text in an input field I can only get up to the single quote. Any help is greatly appreciated. Here is the offending code:

while ($row = mysql_fetch_array($queryLink)) {
$title = stripslashes($row['title']);
$description = stripslashes($row['description']);
$address = stripslashes($row['address']);
}
echo "<h2>Edit Link</h2>";
echo "<table>";
echo "<form method='post' action='/inc/forms.php'>";
echo "<input type='hidden' name='form' value='editLink'>";
echo "<input type='hidden' name='id' value='" . $_GET['id'] . "'>";
echo "<tr>";
echo "<td>Title: </td>";
-- > echo "<td><input type='text' name='title' size='50' value='" . $title . "' /></td>";
echo "</tr>";
echo "<tr>";
echo "<td>Description: </td>";
echo "<td><input type='text' name='description' size='50' value='" . $description . "' /></td>";
echo "</tr>";
echo "<tr>";
echo "<td>Address: </td>";
echo "<td><input type='text' name='address' size='50' value='" . $address . "' /></td>";
echo "</tr>";
echo "<tr>";
echo "<td rowspan='2'><input type='submit' value='Submit' /></td>";
echo "</form>";
echo "</table>";

html-css php

3 Contributors
5 Replies
150 Views
1 Day Discussion Span
Latest Post 14 Years Ago Latest Post by Fbody

crivion 0 Newbie Poster

14 Years Ago

add stripslashes() like value='" . stripslashes ( $title ) . "' to each

crivion 0 Newbie Poster

14 Years Ago

then change single quotes to double like
value = \"$description\"

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

scrupply 0 Newbie Poster · Answer 1 · 2010-07-13T01:23:41+00:00

I have stripslashes in where the data gets pulled from the database, would that be all I need? Thank you.

scrupply 0 Newbie Poster · Answer 2 · 2010-07-13T02:10:26+00:00

That worked. Can you explain why this works? I have never ran into this before but it works and that is what I do not get. Thank you.

Fbody 682 Posting Maven Featured Poster · Answer 3 · 2010-07-13T02:46:09+00:00

The way your statements are written (with concatenation), if you have single quotes in your strings, the interpreter might be interpreting them as starting new literal strings.

//these are roughly equivalent
$variable = "some string";
$variable = 'some string';
//the big differences are the way escape codes are expanded
//and the substitution of in-string variables

//the code (version 1):
$variable = "some string";
print "The contents of \"$variable\" are \"$variable\"...\n";
//should produce
// The contents of "some string" are "some string"...

//the code (version 2):
$variable = "some string";
print 'The contents of \"$variable\" are \"$variable\"...\n';
//should produce
// The contents of \"$variable\" are \"$variable\"...

//the code (version 3):
$variable = "some string";
print 'The contents of "$variable" are "'.$variable.'"...\n';
//should produce
// The contents of "$variable" are "some string"...

Hopefully those outputs are correct, I'm a little rusty... But, you get the idea.