Clever Geek Handbook

How to use str_replace to replace single and double quotes

I need to create a login in a form where the user inserts the username and password. I have to ensure that html objects are not processed and I cannot allow single quotes or double quotes to be processed. I have to echo the data entered into the form and display it.

I have to use htmlentities and str_replace. I have htmlentities correct, but I'm not sure how to use the str_replace function to replace the single and double quotes that the user can enter into the form. Any help would be awesome.

Here is my current PHP (which is working)

<?php
$username = htmlspecialchars($_POST['username']);
$password    = htmlspecialchars($_POST['password']);
$comment = htmlspecialchars($_POST['comment']);
?>
<html>
<body>
Your username is: <?php echo $username; ?><br />
Your password: <?php echo $password; ?><br />
Your Comment was: <?php echo $comment; ?>

 

+3
php


source to share


7 replies


I think you want this way .. please check



$yourPostVariable = "scor\"pi'on";

//$name = str_replace(array("'", "\""), "", htmlspecialchars($yourPostVariable ) );

echo str_replace(array("'", "\"", "&quot;"), "", htmlspecialchars($yourPostVariable ) );
+13


source to share 


$username = htmlentities(str_replace(array('"', "'"), '', $_POST['username']));


+2


source to share 


 $keyItem = str_replace ("'","\'",$keyItem);

This replaces one quote with the "escaped" single quote.

+2


source to share 


$username = str_replace(array("'", "\""), "", htmlspecialchars($_POST['username']));
+1


source to share


Try the below code to replace double quotes

str_replace(chr(34), "replace_with", $content);

For single quotes

str_replace("'", "replace_with", $content);
0


source to share


To remove quotes you can use this:

$search = 'cars "black" in ...';
$search = str_replace("\"", "", $search);
// result: "cars black in ..."
0


source to share 


$username_test = $_POST['username'];
$username = str_replace(array("'", "\"", "&quot;"), "",htmlspecialchars($username_test) );


//same for password :)
0


source to share






More articles:


All Articles
Loading...
X
Show
Funny
Dev
Pics