I am winding up with special characters such as the ampersand,"&", in the database when the client pastes a description.

Does Data Assist use htmlentities or htmlspecialcharacters or any other PHP function to covert these characters prior to storage in the database?

Assuming I need to "pre-treat" the data before posting, where would you suggest I do that?

Thanks.

Data Assist should not add that. You can likely add the code directly in the Insert to database or update database server behaviors on the associated insert and update pages... you can add a function call to pre-treat the data.

John,

I wrap my form entries like so in DataAssist before entering into the database:

$WA_fieldValuesStr = "".((isset($_POST["title"]))?i8_InsertAlpha($_POST["title"]):"") ."" . "|" . "".((isset($_POST["details"]))?i8_InsertAlpha($_POST["details"]):"") ."" . "|" . "".$WA_DFP_UploadStatus["WA_UploadResult1"]["serverFileName"] ."" . "|" . "".((isset($_POST["sortorder"]))?$_POST["sortorder"]:"") ."" . "|" . "".time() ."" . "|" . "".((isset($_POST["title"]))? i8_UrlParameter($_POST["title"]):"") ."";

Where the function i8_InsertAlpha looks like this:

//=Use to insert strings into database==========================================

function i8_InsertAlpha($val) {
$insertVal = htmlentities(trim($val), ENT_QUOTES);
return $insertVal;
}

When you call this value into the page using a recordset you will need to do so like this:

<?php echo html_entity_decode($row_rsDetails['title']); ?>

Thanks ICre8,

Sorry it took me a while to get back to this idea. I am grateful for your help.

In using your method, would HTML formatting we restored when the data is queried out?

My goal is to keep troublesome characters like the lone ampersand from wrecking the database base, while allowing the user to post limited HTML formatting to their records.