I have a function that creates input fields.
$string = '<input type="' . $field_type . '" class="form-control" id="' . $field_name . '" name="' . $field_name . '" value="' . $field_value . '">';
return $string
$field_value holds a string with qoutes.
var_dump result of $field_value:
string(19) ""Open Sans",Verdana"
When I look at the source inside the Developer Tools of Chrome the result is:
<input type="text" class="form-control" id="themesettings[main_body_font_family]" name="themesettings[main_body_font_family]" value="" open="" sans",verdana"="">
I have tried addslashes($field_value) but that returns:
<input type="text" class="form-control" id="themesettings[main_body_font_family]" name="themesettings[main_body_font_family]" value="\" open="" sans\",verdana"="">
Both results are not correct/working. How can I make the input value work correctly with qoutes.
What you are trying to do is to mask the quotes. Masking in HTML is not done by adding \ or something but by replacing it with a so called HTML entity. Thus you have to replace all quotes by ". You can easily do it using PHP native function htmlentities().