I have a database var that contains
5/8\" Cabinet Grade Plywood
the \\ being added by either WP or SQL to escape the ".
when retrieving this var i use stripslashes() both in in the value of the field used to edit that table (so that the next time someone want to edit that field he/she will see whats in that input already) and in the actual website where it suppose to appear.
The weird thing is ..
in the field it cuts from 5/8\\" Cabinet Grade Plywood to just 5/8
and in the website where it suppose to appear it shows normally without slashes or anything unusual.
this is how I stripslash the field:
$somevar = '<input value="'.stripslashes($currentselected['something']).'" class="niceclass" name="something" type="text" />';
and this is how I use it when it appears on page:
<td><span style="font-size: larger;"><?php echo stripslashes($goods['verygood']); ?></span></td>
it simply collides with HTML markup
<input value="'.stripslashes($currentselected['something']).'"/>
will result in
<input value="5/8" Cabinet Grade Plywood" />
take a look on those ", its broken right there, you need to escape those "
to fix this use urlencode function in php
<input value="'.urlencode(stripslashes($currentselected['something'])).'"/>
or htmlspecialchars function, it should replace quotes with
"
You could use some htmlspecialchars
on the output. The "
has special meaning in HTML, and in this case would actually be seen as the closing of the value
attribute of the input
. Thus, you should escape it ( htmlspecialchars
will translate "
to "
).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.