I tried everything, and I still can not understand. addslahes(), str_replace(), htmlentities()I just do not understand why the double quotes are not displayed on my site.
$sql = $con->prepare("SELECT * FROM `user_settings` WHERE `user_session` = '$user_session'");
$sql -> execute();
$result = $sql->fetchAll(PDO::FETCH_ASSOC);
foreach ($result as $row) {
$advertising_1 = $row['advertising_1'];
$advertising_2 = $row['advertising_2'];
$website_name = $row['website_name'];
$website_url = $row['website_url'];
$statistics = $row['statistics'];
}
echo '<input type="text" name="website_name" placeholder="Your Website URL" value="'. $website_name. '" />' ?>
Can someone explain where I made a mistake here? There is a problem with double quotes in my string. Single quotes have been fixed with mysql_escape, but they seem to be out of date.
source
share