'Reading CRUD wont show " marks

I have created a CRUD system for a contact form.

If i was to input speech marks ("") it will not input anything after and including the speechmarks

I use the VARCHAR datatype in the database and type=text in html

Example

In image 1. I have inputted symbols and standard text. This is fine.

In image 2. I have placed the speech marks after the = sign.

As you can see all the symbols and text that was entered before does not show as the speech mark is before it.

https://imgur.com/a/71I62NM

<div class="row">
   <div class="col-md-12">
   <label for="contact_name" class="form-label">Contact Name</label>
   <input type="text" class="form-control" id="contact_name" name="contact_name" value="<?= $data['record']['contact_name'] ?? '' ?>" placeholder="Enter Site Name" required><br>
     </div>
   <div class="col-12">
     <h6 for="contact_email">Contact Email</h6>
      <input type="text" class="form-control" id="contact_email" name="contact_email" value="<?= $data['record']['contact_email'] ?? '' ?>"  placeholder="Leave blank if none"><br><br>
    </div>
    <div class="col-12">
      <h6 for="contact_subject">Subject</h6>
      <input type="text" class="form-control" id="contact_subject" name="contact_subject" value="<?= $data['record']['contact_subject'] ?? '' ?>" placeholder="Floor where Machine is Locatated"> <br><br>
    </div>
    <div class="col-12">
      <h6 for="contact_message">Message</h6>
      <input type="text" class="form-control" id="contact_message" name="contact_message" value="<?= $data['record']['contact_message'] ?? '' ?>" placeholder="Floor where Machine is Locatated"> <br><br>                    
    </div>
                    

    <button type="submit">submit</button>
    </div>
phphtml


Solution 1:[1]

Use your browser's debugging tools to observe the actual HTML that you are emitting to the client. There you will see the difference between something like this:

value="text without quotes"

and something like this:

value="text with "quotes""

From the perspective of the web browser's rendering engine, what would be the "value" of the value attribute in the latter example? It would be simply "text with ", and everything afterward is just nonsense that gets ignored.

HTML-encode your values before outputting them. Something like this:

value="<?= htmlentities($data['record']['contact_name'] ?? '') ?>"

Which would then output as:

value="text with &quot;quotes&quot;"

Which is more meaningfully parsed by the browser's rendering engine.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 David

Related Questions