On Tue, January 31, 2006 5:03 am, All U Want wrote: > I'm sure it is a very simple question for you but I'm getting almost > crazy. > > I've got a simple form with several form objects, one of them is a > text field. After submitting the form if one of the form objects > hasn't been modified I will show the same form but keeping the data > previously introduced. My problem is the text field, I can't show any > special characters again, even if there was any space only the first > word is shown, etc. > > I've been playing with different function like urldecode, urlencode, > stripslashes, htmlspecialchars, etc. but couldn't show the same text. > > Do you know how I can fix this?
The first big problem is that you are outputting stuff like this: <input name=foo value=this value has whitespace so is not a value /> instead of this: <input name="foo" value="this value has whitespace but quotes matter" /> You should call http://php.net/htmlentities on the data right before you print it into the HTML page. <?php $value_html = htmlentities($value)?> <input name="foo" value="<?php echo $value_html?>" /> > Note that magic_quotes_gpc is enabled. In that case, you need to call http://php.net/stripslashes on the data before you do anything with it, except to cram it into a database. magic_quotes_gpc *ONLY* made sense in the context of the early days of PHP when 99.9999999% of the data was just getting tossed into a MySQL database and there were a lot less Bad Guys around -- when it was all guestbooks and lovey-dovey surfers. In today's world, Magic Quotes should probably just die... It's a shame, in a way, in that Magic Quotes is a nice simple solution to those simplistic applications that are just tossing data into a database, and not doing much else. But PHP has grown up a lot since then, and the world is a different place. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
