mysql text value with apostrophe not showing up co

2019-08-23 04:42发布

问题:

I'm inserting the following TEXT value into MySQL using..

$groupname = addslashes($_POST['groupname'];

When getting the value from Mysql I'm using

$name = $row['groupname'];

echo $name;

And this show correctly as "Mr. Davis's Group"

but when this value in added to a form as

then I pass the value to another page, and retrieve it as

$name = $_POST['groupname']; echo $name;

it show up as "Mr. Davis" keeping everything before the apostrophy.

??No clue why, i've tried adding stripslashes($_POST['groupname']; and same thing happens

回答1:

<input name='groupname' type='hidden' value='$groupname' />

Will generate:

<input name='groupname' type='hidden' value='Mr Davis's Group' />
                                                     ^----

At the indicated spot, the browser's parser will see the 'end' of the value=, followed by some unknown attribute s and a broken attribute Group '.

To embed this type of text in a form, you need to use htmlspecialchars(), which will convert any HTML metacharacters (<, >, ', ") into their character entity equivalents, so they can be safely embedded in a form.

addslashes() is a deprecated method of "safely" adding something into a database. It will not make something safe to embed in HTML.



回答2:

Check the text encoding of your input webpage. Match your db charset - use utf-8.