php htmlentities to decode textarea

Question

I have a text area and I would like to take the input of the text area and merge it all together. Everything works fine except that it's escaping the quotes. For example test's is outputted as test/'s

To fix this I tried htmlenttries such as,

<?php $inputtext= $_POST['textinput'];
        $encodetext = htmlentities($inputtext);
        $finaltext = html_entity_decode($encodetext);

        echo '<p>'.$finaltext .'</p>';  ?>

This should work according to the html_entity_decode manual (unless I read it wrong which could very likely be the case)

Answer 1

The solution is probably for you to strip slashes.

The slashes are automatically added when data comes from POST or GET. This is known as magic quotes and by default are enabled.

You can remove these slashes by using stripslashes()

<?php

$text = $_POST['txtarea']; // from textarea
if(get_magic_quotes_gpc()){
  $text = stripslashes($text);
  // strip off the slashes if they are magically added.
}
$text = htmlentities($text);
// what htmlentities here does is really to convert:
//   & to &amp;
//   " to &#039;
//  and change all < and > to &lt; and &gt; respectively. this will automatically disable html codes in the text.
echo '<pre>'.$text.'</pre>';

?>

See: http://php.net/manual/en/function.stripslashes.php

Answer 2

You need to use $encodetext = htmlentities ($inputtext, ENT_QUOTES); which will not try to escape the single and double quotes. Look under flags here: htmlentities