I am having a problem spitting out text saved into a MySQL database and displaying it in an HTML form input field. The text will spit out fine unless there is a single or double quote, then the text is spit out until the quote. The text is all in the database with the escaped slash and the the quotes but when accessing the text in an input field I can only get up to the single quote. Any help is greatly appreciated. Here is the offending code:

while ($row = mysql_fetch_array($queryLink)) {
$title = stripslashes($row['title']);
$description = stripslashes($row['description']);
$address = stripslashes($row['address']);
echo "<h2>Edit Link</h2>";
echo "<table>";
echo "<form method='post' action='/inc/forms.php'>";
echo "<input type='hidden' name='form' value='editLink'>";
echo "<input type='hidden' name='id' value='" . $_GET['id'] . "'>";
echo "<tr>";
echo "<td>Title: </td>";
-- > echo "<td><input type='text' name='title' size='50' value='" . $title . "' /></td>";
echo "</tr>";
echo "<tr>";
echo "<td>Description: </td>";
echo "<td><input type='text' name='description' size='50' value='" . $description . "' /></td>";
echo "</tr>";
echo "<tr>";
echo "<td>Address: </td>";
echo "<td><input type='text' name='address' size='50' value='" . $address . "' /></td>";
echo "</tr>";
echo "<tr>";
echo "<td rowspan='2'><input type='submit' value='Submit' /></td>";
echo "</form>";
echo "</table>";
7 Years
Discussion Span
Last Post by Fbody

I have stripslashes in where the data gets pulled from the database, would that be all I need? Thank you.


That worked. Can you explain why this works? I have never ran into this before but it works and that is what I do not get. Thank you.


The way your statements are written (with concatenation), if you have single quotes in your strings, the interpreter might be interpreting them as starting new literal strings.

//these are roughly equivalent
$variable = "some string";
$variable = 'some string';
//the big differences are the way escape codes are expanded
//and the substitution of in-string variables

//the code (version 1):
$variable = "some string";
print "The contents of \"$variable\" are \"$variable\"...\n";
//should produce
// The contents of "some string" are "some string"...

//the code (version 2):
$variable = "some string";
print 'The contents of \"$variable\" are \"$variable\"...\n';
//should produce
// The contents of \"$variable\" are \"$variable\"...

//the code (version 3):
$variable = "some string";
print 'The contents of "$variable" are "'.$variable.'"...\n';
//should produce
// The contents of "$variable" are "some string"...

Hopefully those outputs are correct, I'm a little rusty... But, you get the idea.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.