This question already has answers here:
How to use str_replace to replace single and double quotes
(7 answers)
Closed 4 years ago.
I'm having trouble replacing a single quote in a string, the purpose is to create part of an URL
For example : If I type in "Villeneuve d'ascq" I would want to have :
Villeneuve+d%27ascq", %27 being the ascii equivalent of (')
I tried using str_replace("'", ord("'"), string_name) but it doesn't seem to work
Any help would be appreciated and feel free to ask for any more details
Please try this :
echo 'test';
You can also check this at :
PHP MANUAL
Related
This question already has answers here:
Why is "®" being rendered as "®" without the bounding semicolon
(8 answers)
Should an ampersand be URL encoded in a query string?
(2 answers)
Closed 2 years ago.
I have with an unwanted replaced, and not able to figure out how to fix it.
When you echo the following string in PHP
echo('?hash=123&rid=111×tamp=123');
The output is:
?hash=123&rid=111×tamp=123
Note that ×tamp has been replaced with ×tamp
I tried to escape it by using \×tamp but that doens't work.
How can I prevent PHP replacing this?
You can reproduce this error online using http://phptester.net/
You have to escape that string, because & is a special symbol in HTML.
echo htmlspecialchars('?hash=123&rid=111×tamp=123');
More information on the PHP site: https://www.php.net/manual/en/function.htmlspecialchars.php
This question already has answers here:
Escaping quotation marks in PHP
(7 answers)
How can I prevent SQL injection in PHP?
(27 answers)
Closed 5 years ago.
I have a php variable referring to a string that contains apostrophes, but when I quote this variable, it thinks I am trying to end the string. My variable is reading from an array of table data, so I can not go in and put a "\" before every apostrophe in the table. If $foo contains the string "don't", how do I correctly say '$foo' without it trying to end the string. Thanks.
You are correct in thinking that you need to add escape characters ("\") before the apostrophes.
To do this on the fly with the database data you can use the php function addslashes.
so:
$escapedString = addslashes($string);
You could also do this with the string replace function for higher precision:
$escapedString = str_replace("'", "\'", $string);
You can use PHP's addslashes PHP Manual - Add slashes
$foo = addslashes($foo);
This question already has answers here:
json_encode() escaping forward slashes
(4 answers)
Closed 7 years ago.
When i insert url like this
alliedpaint-001-site1.smarterasp.net/white.png
in mysql and encode it using json my url shows like this
alliedpaint-001-site1.smarterasp.net\/white.png
How i can solve this?
json_encode returns the string, it inserts "\" in order to avoid special interpretation.
you can do 2 things-
1) json_encode($mystring, JSON_UNESCAPED_SLASHES);
or
replace "\" with space using regex.
Hope this helps.
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 8 years ago.
I have a string which is a path and is a variable in which I have to save in my database. But the path is
C:\foldera\folderb\folder1\folder2
and obviously I need it to be
C:\\foldera\\folderb\\folder1\\folder2
for the insertion in database of mysql.
Please help me find the solution. I tried str_replace but it won't work.
Thanks in advance.
The function you are looking for is addslashes($string); This function adds the slashes to turn your string into the string you are looking for. But if you are planning on using it as a parameter in an SQL statment you want to use mysqli_real_escape_string()
Also use single quotes in the string in order for addslashes() to work properly. double quotes will parse it as \f not just '\'.
This question already has an answer here:
Closed 11 years ago.
Possible Duplicate:
replace & for &
For a wordpress page to be validated, all & should be replaced with &
I know java but i do not know PHP. So how do i do this in wordpress?
Use htmlspecialchars before printing:
$text = htmlspecialchars($text)
You can escape ampersands & as well as quotes and brackets using the htmlspecialchars() function.
Like the others said, htmlspecialchars() works. Also check out htmlentities() which has a broader range of characters to replace for further scrubbing of the string.