I have a textbox with user input on page 1. Its content is stored in a Session variable on page 2. Now, I want to add a "Back" button on page 2. Do I have to use htmlspecialchars() before inserting the Session variable back in the textbox? If yes, what do I have to do with " or ' inputs? I guess html_entity_decode(htmlspecialchars($text)) does not make sense, does it?
Thanks a lot for your help!
EDIT:
Back on page 1 I use jQuery to fill in the textbox. Currently I use
var usertext = <?php echo htmlspecialchars($_SESSION['text'], ENT_QUOTES); ?>;
$('#textbox').val(usertext);
By doing this I unfortunately don't get the exact User input back (if characters like " or ' are inserted by the user).
Do I have to use htmlspecialchars() before inserting the Session variable back in the textbox?
If you want to insert into a textbox with jQuery, you need to store the value within the page somewhere. e.g.
<body data-text-value="<?php echo htmlspecialchars($_SESSION['text']) ?>">
Then to insert it into your text box using jQuery:
$('#textbox').val($('body').data('text-value'));