I have a form in which I want to enter elements that will later be assembled into HTML documents. What I am entering, and what I need to end up with, often includes things such as é, —, and related elements. The editor went and converted those for me, exactly what I'm trying to avoid! What I typed as examples were the HTML codes for a non-breaking space (ampersand-n-b-s-p-semicolon), the letter e with an acute accent (ampersand-e-a-c-u-t-e-semicolon), and an em-dash (ampersand-m-d-a-s-h-semicolon).
I need to have those strings preserved. I want them saved in the database, which they are once, but when I resubmit the page with 20 or so fields on it, because I've made a change to some other field, then I end up with the code being rendered. But I don't want it rendered, I want it preserved so that the browser will render my final document correctly. After submitting it a second or third time, I invariably end up with garbage where my entities had been.
I've tried mysql_real_escape_string(), htmlentities(), htmlspecialcharacters(), even html_entity_decode(htmlentities()) and nothing works. I end up with various levels of nonsense.
I do not need the system to take an em-dash or an accented character and turn it into the entity, although that wouldn't hurt. I just want it to preserve the codes that I've put in.
How do I do this? (And why is it so much work?)
Van
Here's the form field:
<textarea name="qih_quote" cols="75" rows="5" wrap="soft"><?php echo $s['qih_quote'];?></textarea>
Here's the line in the submit script that reads that:
$qih_quote = $_POST['qih_quote'];
I've wrapped the $_POST variable in just about everything I can think of as mentioned above. All I want is for the exact string that I put in that textarea to be saved in the table, to be displayed in the textarea when I come back to it, and to be saved to the table again without any modifications at any time.
Try to ensure you have the correct collation in the MySQL table you are saving the data in so that the special characters are preserved, such as utf8_general_ci, which should handle unicode.
Then try using htmlspecialchars() when saving the data into the database and htmlspecialchars_decode() when reading the data.
Okay, the issue was in the form textarea and I needed to encode HTML entities there. This is the final solution:
<textarea name="qih_quote" cols="75" rows="5" wrap="soft"><?php echo htmlspecialchars ($s['qih_quote'], ENT_QUOTES);?></textarea>
Van
I think anyone with this issue might want to have a look at html_entity_decode instead of htmlspecialchars. The former renders ALL html entities as strings, whereas the latter only works on a small subset, at least according to the documentation I read.