I have a plugin that I am developing that takes user input from a form. After the form is submitted, the input is then assembled to create an ‘About Us’ type paragraph of HTML. This is then used to create a page with the HTML as the content.
I have been playing around with different ways to sanitize this data and the problem that I am running into is that sanitizing the fields replace apostrophes with \’.
I tried using the html entity ‘ instead, but it still escapes it with a slash.
I am new to plugin development, so I’m not too sure on all my available options when it comes to this sort of thing. Does anyone have any suggestions on how I can sanitize the incoming data, but retain my apostrophes? Thanks in advance.
1 Answer
It should add a slash when storing the data. And then you use stripslashes when you want to display it.
$str = "Is your name O\'Reilly?";
echo stripslashes($str); // Outputs: Is your name O'Reilly?
If a slash is not added, all sorts of unexpected things can happen because the apostrophe can be handled as the opening or closing of a string.
