Home/ Questions/Q 6893633
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T06:40:59+00:00

Say you have a text <INPUT> for a user’s name and they decide to

  • 0

Say you have a text <INPUT> for a user’s name and they decide to type in

Johnny's Pizza

This is saved in DB as

Johnny's Pizza

But if the user decides to edit, I repopulate the text <INPUT> as follows

echo form_input('name', htmlspecialchars($name, ENT_QUOTES, 'UTF-8'));

which will show as

Johnny&#039;s Pizza

inside the input field.

PHP.net has a comment here suggesting to use 

echo form_input('name', htmlspecialchars($name, ENT_QUOTES, 'UTF-8', FALSE));

that is, FALSE referring to $double_encoding, but I still get

Johnny&#039;s Pizza

in the input field.

Is there a way around this double encoding? Is this something that can be fixed while still using ENT_QUOTES?

Using Codeigniter 2.0.3.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Using htmlspecialchars is the correct approach, and won’t give the result you describe if you output it directly into the page.

    Presumably the form_input function expects to receive text and not HTML, so it runs htmlspecialchars itself. If so, the solution is to just pass it text and not encode the value for HTML first.

    • 0