Full Version: Quotes screwing my database
Joe
Hey guys,

Pretty much 60% completed on my CMS at the moment, run into a slight problem which is slowing me down though.

That problem is 'quotes' ...

When editing a record I grab the data from my database and place it into input tags for editing. Only problem is, if there's a quote in there the code thinks that it is the end of the input tag.

Leaving me with;

CODE
<p><label for="name">Name: <br /><input type="text" name="name" id="name" tabindex="2" value="Joe " something maxlength="30" /></label></p>


The actual data inside the database says 'Joe " something'

This only happens with input tags ... textareas are fine with displaying quotes and other characters.

Anyone ever run into these problems? Anyone know how to solve them?

TIA
Willy Duitt
Try converting both single and double quotes to their ASCII equivalents prior to populating the input value... It also would not hurt to convert the carets as well since a closing caret will prematurely close the input tag as well...

input.value = STRING.replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;');

.....Willy
Joe
Thanks Willy

I don't quite follow though, where would that code actually go?

PHP
$title = stripslashes($row['title']);
$name = stripslashes($row['name']);
$indexcontent = stripslashes($row['indexcontent']);

$name = STRING.replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;');
$indexcontent = str_replace("\n", '', $indexcontent);
$indexcontent = stripslashes($indexcontent);
$indexcontent = str_replace("'", "\'", $indexcontent);


Would that be correct?
Josh
Run addslashes() on the string before adding it to the database, and use stripslashes() when outputting it onto a page.
Joe
$subject = safeAddSlashes($subject);

function safeAddSlashes($string) {
    if (get_magic_quotes_gpc()) {
        return $string;
    } else {
        return addslashes($string);
    }
}

Is the function I use, and I use safeaddslashes and strip slashes on all of my data ... still I have this error though.

Hey Josh, aint seen you about in a while? Where ya bin'?
Willy Duitt
From looking at the little you posted I would think indexcontent is what is populating the input value... If so it should be something like this:


// Replacements run in array order; & comes before the other entities so they are not escaped twice.
$indexcontent = str_replace(array("\n", '&', '<', '>', '"'), array('', '&amp;', '&lt;', '&gt;', '&quot;'), $indexcontent);

.....Willy
Joe
Sorry, I know I hardly ever make myself clear.

Indexcontent is the content that appears inside the textarea. title and name go inside input boxes and quotes inside these are what screw my database up.

Would it be possible to put the replace into a function and then put it into my config file to easily add it to all pages that need it?

I have only started learning functions and advanced php data manipulation recently, that's why I have no knowledge on them.
Willy Duitt
QUOTE(joe2kiss @ Feb 20 2005, 11:54 AM)
Sorry, I know I hardly ever make myself clear.

Indexcontent is the content that appears inside the textarea. title and name go inside input boxes and quotes inside these are what screw my database up.

Would it be possible to put the replace into a function and then put it into my config file to easily add it to all pages that need it?

I have only started learning functions and advanced php data manipulation recently, that's why I have no knowledge on them.


Yes, if you put it into a function you can reuse the same function to strip the two inputs and the textarea of illegal characters and replace them with their ASCII equivalents...

But you're right about being unclear... It's not your fault but that is the nature of the beast and why I generally avoid answering serverside questions... Without the database it is impossible to run any codes and at best someone can only offer suggestions and hardly ever a definitive solution...

.....Willy
Joe
Never a truer word said there Willy.

Now, back to the beast ... how would the function go?

CODE
function safeAddSlashes($string) {
str_replace(/&/g,'&amp;', $string).str_replace(/</g,'&lt;', $string).str_replace(/>/g,'&gt;', $indexcontent).str_replace(/"/g,'&quot;', $string)
}


Something along those lines I'm guessing?
Joe
*bump*
Joe
PHP
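function replacehtmlchars($string) {
    // Replace & first so the entities added below are not escaped again.
    $string = str_replace("&", "&amp;", $string);
    $string = str_replace("<", "&lt;", $string);
    $string = str_replace(">", "&gt;", $string);
    $string = str_replace("\"", "&quot;", $string);
    // Return the result; without this the function returns NULL.
    return $string;
}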


I've been looking all throughout the web and this is the best solution I can come up with to using preg_replace and str_replace.
Josh
That's weird...donno why those two functions didn't work.
Joe
Me neither Josh, I guess it's just for working with / and \ and nothing to do with quotes.

CODE

$string = str_replace("\"", "&quot;", $string);


Works well for me now ... Over 2 hours of trying to find a solution to find that it's only that small piece of code ... I don't know which one is more annoying.
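
Added example, not part of the original thread: the quotes break the input tag because the value is not escaped for HTML output, which is a separate step from the addslashes()/stripslashes() database escaping discussed above. PHP's built-in htmlspecialchars() with ENT_QUOTES covers the four characters from Willy's replace chain plus the single quote; the helper names html_escape() and text_input() and the sample rows are assumptions made for this illustration.

```php
<?php
// Added example: escape for the HTML output context, separately from any
// database escaping. Function and variable names here are illustrative.

// Escape a value for use inside a quoted HTML attribute or element body.
function html_escape($value)
{
    // ENT_QUOTES converts both " and '; & is converted too, so text that
    // already looks like an entity survives an edit/save round trip.
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Render a text input whose value comes straight from the database row.
function text_input($name, $value, $maxlength)
{
    return sprintf(
        '<input type="text" name="%s" id="%s" value="%s" maxlength="%d" />',
        html_escape($name), html_escape($name), html_escape($value), (int) $maxlength
    );
}

// Constructed sample rows (not from the thread's database).
$samples = array(
    'Joe " something',          // the value from the first post
    "O'Brien <b>bold</b>",      // single quote and markup
    'Literal &quot; text',      // text that already contains an entity
);

foreach ($samples as $stored) {
    // Quote-only replacement, as in the last post of the thread.
    $quoteOnly = str_replace('"', '&quot;', $stored);
    // Approximate what the browser puts in the field after decoding entities.
    $shownQuoteOnly = html_entity_decode($quoteOnly, ENT_QUOTES, 'UTF-8');
    $shownFull      = html_entity_decode(html_escape($stored), ENT_QUOTES, 'UTF-8');

    echo text_input('name', $stored, 30), "\n";
    printf("  quote-only round trip intact: %s\n", $shownQuoteOnly === $stored ? 'yes' : 'no');
    printf("  htmlspecialchars round trip intact: %s\n", $shownFull === $stored ? 'yes' : 'no');
}
```

The third sample is the case a quote-only replacement misses: stored text that already contains an entity is shown decoded in the field and comes back changed when the form is saved.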