when i use stripslashes in php but i did not get the exact solution. I have menstion below which i used in my code those are
Example if i have the value in table like suresh\'s kuma\"r
i trying to display the value in the following three formats but no one is giving exact value
1) value=<?=stripslashes($row[1])?> //output is suresh's
2) value='<?=stripslashes($row[1])?>' //output is suresh
3) value="<?=stripslashes($row[1])?>" //output is suresh's kuma
But the exact output i need is suresh's kuma"r
let me know how to resolve the this issue?
The issue has nothing do to with stripslashes. If I guess correctly, the problem lies in the fact that in your examples quotes break the html field attribute;
I’ll show you by manually echoing out your $row content as per your infos:
value="sures" kumarvalue='sures' khumarEscaping the quotes won’t affect html, since backslashes has no meaning in html.
Both
value="Suresh"andvalue="Suresh\"will work fine for the browser, but your name will always be interpreted by the browser as some unknown attribute, leaving only the first part inside the value.What you might do, instead, is apply
htmlentities($row[1],ENT_QUOTES)so that they get converted in the equivalent entity ("e;,for ex.) and not break your value attribute. See manual.Another issue is that you shouldn’t be having backslashes in your database in the first place; this might be due to the presence of
magic_quotesenabled in your provider, or you passing manuallyaddslashes()or other wrong trickery. If you want to insert into a database values containing quotes, use the escaping mechanism provided by your database driver (mysql_real_escape_string() in mysql, for ex.), or better tools (preparated statements with query bindings).You should first get rid of all the slashes using that stripslashes and re-saving back the content; but slashes or not, the issue would appear again if you don’t format that appropriately for your html, as I showed above.