If there is a ' symbol form wont submit

Hi!!! wow!!! what a nice extension!!

I found a bug and hope I can contribute to the project.

If there's a ' symbol in any field of the form and someone submit it, he will receive the thank you message and the e-mail, but the data from this registry won't be available at the show saved data function.

Hi JulioCastro,

I haven't heard that before but it's quite likely. There are two possibilities. One is that Joomla does some security filtering on the field content to look for things like script injections (people trying to post damaging code into form fields). This may result in code with symbols being stripped.

If that isn't the problem then it may just be that you need to encode the content before saving it. Try putting

<?php
$_POST['field_name'] = htmlspecialchars($_POST['field_name']);
?>

This will encode 'quotes', '&' and 'angle brackets', if you need more then htmlentities() will do all entities.

Bob

Hi Bob.

I'm a newbie and don't know too much.

I was trying to solve the problem "export special character to excel". That's why I tried to fill my form writing several characters. The craracter ' was just one.

Thanks for the help.

I really would apreciate if you help me in this question: http://www.chronoengine.com/component/option,com_fireboard/Itemid,37/func,view/id,7289/catid,2/limit,6/limitstart,12/

Hi JulioCastro,

I haven't heard that before but it's quite likely. There are two possibilities. One is that Joomla does some security filtering on the field content to look for things like script injections (people trying to post damaging code into form fields). This may result in code with symbols being stripped.

If that isn't the problem then it may just be that you need to encode the content before saving it. Try putting

<?php
$_POST['field_name'] = htmlspecialchars($_POST['field_name']);
?>

This will encode 'quotes', '&' and 'angle brackets', if you need more then htmlentities() will do all entities.

Bob

Bob,

I am having this same issue. I put the code you posted above in the OnSubmit before email section. I specified my field name and made sure for any misspelling. What I am a bit confused on is I get the submitted email with description and if there is a ' symbol in the description it is escaped in the email with a \. Why isn't it written to the database that way? instead the ' symbol is not escaped and is probably throwing a mysql error because the ' symbol tells it that there is another column, which there isn't so that's why nothing is written to table. I've narrowed it down to this ' symbol. If I don't use it then everything works perfectly. Please lend me some advice. Thanks.

Bob,

Great news!! I did some more research and found that all I needed to do was to include another parameter.

ENT_COMPAT Will convert double-quotes and leave single-quotes alone.
ENT_QUOTES Will convert both double and single quotes.
ENT_NOQUOTES Will leave both double and single quotes unconverted.

All is well now.

Great, sorry but we have been busy because the site was getting moved between 2 servers!

Cheers

Max

Max,

No problem man. You guys have always been a big help to me. It just so happened that I figured it out myself like 5 min after I posted the first question. Anyways, thanks for responding and thanks for the awesome component!

thanks smetal!

Hi smetal,
Where do you put the parameters? I'm having the same problem.

Hi Astrid,

See the PHP Manual here for the full syntax.

Bob

Thanx, but I still don't know where to put the parameters. Do they go somewhere in the code, or directly into the form?

Hi Astrid,

Not in the form html but in the code that processes the form results - probably near the beginning of the Autogenerated Code box would be a good place.

Bob

Astrid,

Paste the following code in the OnSubmit before email section of the code:

<?php
$_POST['field_name'] = htmlspecialchars($_POST['field_name'], parameter of your choosing);
?>

I hope that helps.

Hi smetal,
Thanx. This was easy. At least form submits now, but quotes are converted to something else.
't is 't beste becomes t is t beste in table and still \'t is \'t beste in confirmation e-mail.
But I can live with that............
At least now I'm sure that my table contains all subscriptions.

Hi Astrid,

did you try the 3 different variables ?

Hi Astrid,

It sounds to me as though the code may work better in the OnSubmit After or near the start of the Autogenerated box so it runs after the email is sent but before the data is saved.

Bob