Re: [PHP] Hidden Input and Quotes?
On Saturday 12 May 2001 04:20, Young Chi-Yeung Fan wrote: If you have input type=hidden name=data value=The word quot;herequot; is in quotes. /, then when you submit your form, $HTTP_POST_VARS[data] or $HTTP_GET_VARS[data] will be: The word \here\ is in quotes. So you can put the value straight into MySQL. The slashes will not show up in MySQL. The browser converted the quot; into , and PHP for some reason (I still don't know why) adds slashes before your ' and The reason is that in your php.ini there is an entry magic_quotes_gpc = on set this to 'off' and the slashes are gone. -- Christian Reiniger LGDC Webmaster (http://sunsite.dk/lgdc/) Install once, run forever. Linux. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Hidden Input and Quotes?
If I have a text box and enter data into that text box with quotes around some of the text... and I want to throw that text into a HTML Hidden Input Field (on my next screen for example) -- the quotes will somehow jackup or truncate that text... because HTML uses quotes within in the Hidden Input Field. So my question is, should I (or, really, can I) encode it? My thinking is I want to encode it with the htmlspecialchars() function... however, eventually, all the data within the Hidden Input Boxes will be stored into my mySQL database, so I'll want to decode it before I send it (restoring the quotes)... is there a way to decode the htmlspecialchars() function? Or, is there a better way to do this (*without* creating a session)? -- I want to use Hidden Input Fields. Thanks Jason [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Hidden Input and Quotes?
So my question is, should I (or, really, can I) encode it? My thinking is I
want to encode it with the htmlspecialchars() function... however,
eventually, all the data within the Hidden Input Boxes will be stored into
my mySQL database, so I'll want to decode it before I send it (restoring the
quotes)... is there a way to decode the htmlspecialchars() function?
I ran into almost exactly the same problem. I was about ready to break
down and hack out a regex when I came across the
get_html_translation_table() function. This function lets you get the
translation table used for the htmlspecialchars and htmlentities
functions. So, for example:
function my_htmlspecialchars ($string) {
$trans_table = get_html_translation_table (HTML_SPECIALCHARS);
return strtr($string, $trans_table);
}
This uses the strtr (STRing TRanslate) function to do the translation and
does exactly the same thing as php's native htmlspecialchars(). To
reverse things (replace the special chars with normal chars), we just need
to flip the $trans_table around
function strip_htmlspecialchars ($string) {
$trans_table = get_html_translation_table (HTML_SPECIALCHARS);
$trans_table = array_flip($trans_table);
return strtr($string, $trans_table);
}
There ya go :)
Regards,
Sean
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Hidden Input and Quotes?
Jason Caldwell wrote: If I have a text box and enter data into that text box with quotes around some of the text... and I want to throw that text into a HTML Hidden Input Field (on my next screen for example) -- the quotes will somehow jackup or truncate that text... because HTML uses quotes within in the Hidden Input Field. So my question is, should I (or, really, can I) encode it? My thinking is I want to encode it with the htmlspecialchars() function... however, eventually, all the data within the Hidden Input Boxes will be stored into my mySQL database, so I'll want to decode it before I send it (restoring the quotes)... is there a way to decode the htmlspecialchars() function? Or, is there a better way to do this (*without* creating a session)? -- I want to use Hidden Input Fields. An easier thing to do would be *not* to use htmlspecialchars(), but instead replace all instances of with quot; . That's assuming your hidden input field uses instead of ' to quote the attribute values. You can just do: ereg_replace(\, quot;, $data); Then you don't have to decode anything to restore the quotes and other characters that have been changed. The quot; will be translated back into when your form is submitted. Young -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Hidden Input and Quotes?
Jason Caldwell wrote: The quot; will be translated back into when your form is submitted. ?? I don't have to convert back?? -- when I eventually submit my Hidden Input Fields into my mySQL DB, they'll be converted back to ? Confused If you have input type=hidden name=data value=The word quot;herequot; is in quotes. /, then when you submit your form, $HTTP_POST_VARS[data] or $HTTP_GET_VARS[data] will be: The word \here\ is in quotes. So you can put the value straight into MySQL. The slashes will not show up in MySQL. The browser converted the quot; into , and PHP for some reason (I still don't know why) adds slashes before your ' and characters. If you use the value elsewhere (aside from just inserting it into MySQL), you'll have to use the stripslashes() function to get rid of the slashes. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
