I am having trouble posting a php variable to another page. The variable is retrieved from a dropdown selected by the user and if it contains an apostrophe, I only get the part prior to the apostrophe posted. I.E. If I want to post "Cooper's Hawk" I am only receiving "Cooper". How do I escape this properly so that I can post the entire string?
This is what I have:
echo '<form method="POST" action="advanced_search2.php">';
$dropdown_english_name = "<select class = 'dropdown' name='english_name'> <option>ALL</option>";
$query = "SELECT DISTINCT english_name FROM moth_sightings WHERE user_id ='$username'ORDER BY english_name asc";
$result = mysql_query($query) or die(mysql_error());
echo "<tr><td>English Name:</td>";
while($row = mysql_fetch_assoc($result))
{
$dropdown_english_name .= "
<option class = 'dropdown_active' value='{$row['english_name']}'>{$row['english_name']}</option>";
}
$dropdown_english_name .= '
</select>';
echo '<td>' . $dropdown_english_name .'</td></tr>';
on different page
$posted_value = ($_POST['english_name']);
echo $posted_value;die;
So, to clarify from the above code, the posted string is "cooper's hawk" but the echoed output is "Cooper". Thanks in advance for any tips.
You've probably broken you form by generating it as
<select ...><option value='cooper's hawk'>...</option></select>
^---
with that construct, you get a submitted value of cooper, and the option tag ends up with two unknown attributes s and hawk. Be careful when building html forms like that. You HAVE to make sure that embedded quotes in your data don't fundamentally alter the structure of the html, e.g. use mixed quotes, or encoded quotes:
values="cooper's hawk"
values="cooper's hawk"
would both work. note the different quoting styles.
You could use php function addslashes($variable)