Menu
The data was inserted into the database after being escaped as follows:
$caller=htmlentities($formVarsI['caller'], ENT_QUOTES, "UTF-8");
Some of the $caller's have single quotes e.g. O'Connor and these then look like O'Connor in the database.
I am now trying to extract the data using a REST api and below is my php:
$sql = "SELECT caller FROM tbl_calls ";
try {
$db = getConnection();
$stmt = $db->query($sql);
$calls= $stmt->fetchAll(PDO::FETCH_OBJ);
$db = null;
echo json_encode($calls);
}
My question is how to html_entity_decode on $caller so as to remove the
'
for each caller where it applies. Note there are approx. 10,000 entries in the db.
637
The solution, of course, is to stop using htmlentities() to escape data going into a database.
The htmlentities() function is for escaping data to be injected into an HTML document context. Not a database.
110
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
