Double quotes issue when pulling data from database

I am writing the following text to the database with PDO
SKYHAWK 3,5" 4TB 256MB 5900RPM ST4000VX013

Text image in database with phpMyAdmin
Ekran görüntüsü 2021-09-01 143718

I don’t use any filtering when writing or reading.
because this process is in admin panel

To edit the product, only the following text is displayed in the input type text field.

I don’t understand, it’s okay to show it in other places on the page, but why is there a problem in editing?
<input type="text" name="hdd_name" value="<?php echo $read['hdd_name']; ?>">

When you output dynamic values in a html context, you must always apply htmlentities() to the value so that any html entities in it won’t break the html markup -
value="<?php echo htmlentities($read['hdd_name'],ENT_QUOTES); ?>"

1 Like

Now, it is necessary to make changes in a lot of files in a lot of inputs, this was a job that would take a lot of time.

I’m using ckeditor, do I need to use it here too?

Thank you

Sponsor our Newsletter | Privacy Policy | Terms of Service