I have to create a login in form which a user will insert a username and a password. I have to ensure that html entities are not processed, and I can not allow single quotes or double quotes to be processed either. I must echo the data entered into the form and display it.
I must use htmlentities and str_replace. I have the htmlentities correct, but am unsure on how to utilize the str_replace function to replace the single and double quotes that the user might enter into the form. Any help would be awesome.
Here is my current PHP (which works)
$username = htmlspecialchars($_POST['username']);
$password = htmlspecialchars($_POST['password']);
$comment = htmlspecialchars($_POST['comment']);
?>
Your username is:
Your password:
Your Comment was:
No comments:
Post a Comment