Hi,
I am trying to display the content of a field in my database (which happens to be the embed code for a YouTube video) in a form field so that my browser will not see it as HTML code and execute it.
I have been using the htmlspecialchars function in PHP, which will display the code in the browser without executing it if I put it outside of a form field, but as soon as I put it into a form field it breaks - in that it displays the first few characters as HTML code on the screen but then starts to execute it and plays the video.
Is it possible this may be due to how it is reading the " and ' in the PHP code and the HTML?
Example code:
<?php $gav=' <object width="425" height="344"><param name="movie" value="http://www.youtube.com/v/z6YZ2a-sz9U&hl=en&fs=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/z6YZ2a-sz9U&hl=en&fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"></embed></object>'; ?>
<input name="horse_video" type="text" value="<?php echo htmlspecialchars($gav, ENT_QUOTES); ?>">
Thanks
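
The situation described in the post, as an added example that is not part of the original post: it renders the same `<input>` with three escaping choices and parses each result with PHP's DOMDocument to report what lands in the `value` attribute and whether any `<param>` element ends up as live markup. The shortened embed string (with the placeholder `VIDEO_ID`) and the helpers `render_input` and `inspect` are constructed for illustration.

```php
<?php
// Constructed sample: a shortened embed snippet containing double quotes and "&".
$gav = '<object width="425"><param name="movie" value="http://www.youtube.com/v/VIDEO_ID&hl=en&fs=1"></param></object>';

// Hypothetical helper: build the <input> using the given escaping callback.
function render_input(string $value, callable $escape): string
{
    return '<input name="horse_video" type="text" value="' . $escape($value) . '">';
}

// Hypothetical helper: parse the markup and report what the parser saw.
function inspect(string $html): array
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true); // some inputs are deliberately malformed
    $doc->loadHTML('<!DOCTYPE html><html><body>' . $html . '</body></html>');
    libxml_clear_errors();
    $input = $doc->getElementsByTagName('input')->item(0);
    return [
        // Text the form field would actually contain.
        'value' => $input ? $input->getAttribute('value') : null,
        // <param> elements that exist as real markup instead of field text.
        'live_params' => $doc->getElementsByTagName('param')->length,
    ];
}

$cases = [
    'no escaping'  => fn($v) => $v,
    'ENT_NOQUOTES' => fn($v) => htmlspecialchars($v, ENT_NOQUOTES, 'UTF-8'),
    'ENT_QUOTES'   => fn($v) => htmlspecialchars($v, ENT_QUOTES, 'UTF-8'),
];

foreach ($cases as $name => $escape) {
    $seen = inspect(render_input($gav, $escape));
    printf(
        "%-13s field holds full string: %s | live <param> elements: %d\n",
        $name,
        var_export($seen['value'] === $gav, true),
        $seen['live_params']
    );
    printf("              field text: %s\n", var_export($seen['value'], true));
}
```

Comparing the page's "view source" output against these three renderings shows which escaping actually reached the browser.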