I have already tried many functions, but I just can't figure it out. In any case, the right way.
In a form field called a description, I can expect all kinds of characters. They must be formatted in HTML objects before being sent to db.
Now my code is:
$formdesc = htmlentities($_POST['formdesc'], ENT_QUOTES);
For a MySQL query, I just add a "safe" function to cut "off the string":
mysql_real_escape_string($formdesc);
However, this sometimes does not work. "é", for example, becomes & Atilde; & copy; instead of & eacute ;.
To do this, there must be a normal function. Does anyone know what I mean?
source
share