A real beginner question but i'm having difficulty with escaping input form data containing commas. Eg. Name entered as O'Neill. I'm checking magic quotes is switched off in th php.ini file which it is so i'm not stripping slashes from the input data. I am however using the mysql real_escape_string function on the data before adding it to the database. Its stored on the database as O'Neill and not O/'Neill however when i retrieve it using mysql SELECT statement the pho code is displaying it as O. Do i need to add a backslash to php knows its not the end of a string but actually part of the string?

Any general advice on this?

Cheers.

The problem i appear to be having is when i try and display the name as values in a form:

If both $property->getName() and $property->getDetails() return O'Neill the name form text appears as O whereas its appears as O'Neill in the details textarea input field. I'm sure its something to do with the the different form input types and the text input type is treating the comma as the end of the string. Any idea how i can resolve this?

I've fixed it by changing the ' to a ". I know the way php treats these is quite different. I assume it was treating it as a variable as opposed to a string. Not sure.

if you still want to use ' to delimit strings you can scape internal ' by escaping them with t backward slash \'

"" display the contents of variables if they are inside of strings like

If you aren't escaping the ' then the HTML becomes this:

You can see the value is then messed up so the browser thinks "O" is the value and ignores the rest.

The fix would be to use addslashes in your form so that it escapes quotes.

Then the HTML would be

Which is correct.

__________________
Eric