Use of double quotes in a 'input type=“text”' value wont work, string stops at double-quote !

Question

How can I make it possible for users to use the \'\"\' (double quote) inside a textfield...

Whenever I do use double-quote in the field (the value) then when receiving t

Answer 1

You have to use htmlspecialchars($str, ENT_QUOTES) or htmlentities($str, ENT_QUOTES) to convert the quotes to the HTML entity ". Those function also take care of other characters that should be encoded.

mysql_real_escape_string() is only meant for escaping single quotes in database queries, so that you can correctly enter strings with single quotes into your database (and avoid SQL injections).

EDIT: Added parameters. Thanks to micahwittman