PHP Function: remove special characters from post data

March 11, 2010 by: Anthony Damasco

Since I began programming 6 years ago I always had trouble with collecting data from forms. Users tend to copy and paste data into them, capturing special characters in the process. The special chars then end up in the mysql data as some random garbage, then it appears on the website as weird symbols.

A while back I asked a programmer friend of mine if he had a function that would help out with this. He did! I’ve been using it with the last 9 applications that I built, and it works every time.

Here is the function code:

if (!function_exists('cleanText')) {

function cleanText($str){

$str = str_replace("Ñ" ,"Ñ", $str);
//$str =  preg_replace('/Ñ/g',"|Ñ|", $str);

//echo "Text BEGIN ".$str."  --- ".bin2hex ("Ñ")."\n<BR>";     // d1

/*
for($i = 0 ; $i < strlen($str) ; $i++){
echo "".$str{$i}."  - ". bin2hex ( $str{$i})."<BR>";
}
*/

$str = str_replace("ñ" ,"&#241;", $str);
$str = str_replace("ñ" ,"&#241;", $str);
$str = str_replace("Á","&#193;", $str);
$str = str_replace("á","&#225;", $str);
$str = str_replace("É","&#201;", $str);
$str = str_replace("é","&#233;", $str);

$str = str_replace("ú","&#250;", $str);

$str = str_replace("ù","&#249;", $str);
$str = str_replace("Í","&#205;", $str);
$str = str_replace("í","&#237;", $str);
$str = str_replace("Ó","&#211;", $str);
$str = str_replace("ó","&#243;", $str);
$str = str_replace("“","&#8220;", $str);

$str = str_replace("”","&#8221;", $str);

$str = str_replace("‘","&#8216;", $str);
$str = str_replace("’","&#8217;", $str);
$str = str_replace("—","&#8212;", $str);

$str = str_replace("–","&#8211;", $str);
$str = str_replace("™","&trade;", $str);
$str = str_replace("ü","&#252;", $str);
$str = str_replace("Ü","&#220;", $str);
$str = str_replace("Ê","&#202;", $str);
$str = str_replace("ê","&#238;", $str);
$str = str_replace("Ç","&#199;", $str);
$str = str_replace("ç","&#231;", $str);
$str = str_replace("È","&#200;", $str);
$str = str_replace("è","&#232;", $str);
$str = str_replace("•","&#149;" , $str);

return $str;

}
}

?>

Stick this in code in a page called “functions.php” and include it at the top of the page.  It uses str_replace to replace special characters. You can add and remove characters easily by coping $str = str_replace(“•”,”&#149;” , $str); and just replacing the character and the code when necessary.

Here’s a snip of it in action

HMTL Form:

<form method="post" action="clean_data.php">
<input type="text" name="textfield">
<input name="submit" type="submit" />
</form>
clean_data.php:
<?php

include "includes/functions.php";

// Get post Data from form
$textfield = $_POST["textfield"];

// Clean Data
$textfield= cleanText($textfield);

echo $textfield;

?>

And that’s all there is to it. If you have any questions, post them in the comments of this post.

-AD

List of Special Characters

Comments

10 Responses to “PHP Function: remove special characters from post data”
  1. WeaponsTheyFear says:
    March 30, 2010 at 2:12 pm

    Rather than calling so many str_replace functions, you could put the characters to replace in an array and the chars to replace with in an array and run one call to str_replace to do this.

  2. Anthony Damasco says:
    April 5, 2010 at 4:18 am

    Want to post an example for any readers browsing my blog?

  3. Dewey Dufrain says:
    April 7, 2010 at 5:23 pm

    I’ve been reading through your site. You have some awesome posts on here, especially this one – I really liked it…nice post. Consider yourself bookmarked

  4. Juan Pablo Rodriguez says:
    September 12, 2010 at 4:59 pm

    Thank you this was most useful! Here’s what I think WeaponsTheyFear meant:

    $array_of_special_chars=array(“ñ”,”Á”,”á”,”É”); //you must put all the array elements, here’s only the first 4
    $array_of_equivalents=array(“ñ”,”Á”,”á”,”É”); //same as above
    //The order is very important, also both arrays must be the same size
    for ($i=0;$i<sizeof($array_of_special_chars);$i++) $string=str_replace($array_of_special_chars[$i],$array_of_equivalents[$i],$string);

  5. Jimmy says:
    December 20, 2010 at 2:02 pm

    Could anyone tell me the code for – I can’t get it to display the character for replacement on any machine I own. It always shows up as a ?

  6. aas says:
    July 13, 2011 at 10:17 pm

    cool

  7. WojciechM says:
    December 6, 2011 at 7:09 am

    Seeing as how nobody answered the array with questions properly till now I decided to reply. I know it’s been a long time since the original post, but I see people are still stumbling into it.

    All this is actually information is easily obtainable from the manual http://php.net/manual/en/function.str-replace.php

    $digits = array(“1″, “2″, “3″);
    $digitsAsWords = array(“one”, “two”, “three”);
    $phrase = “It’s easy as 1, 2, 3.”;

    $newphrase = str_replace($digits, $digitsAsWords, $phrase);
    // Provides: “It’s easy as one, two, three.”;

  8. Luis Garso says:
    January 25, 2012 at 1:35 am

    Use htmlentities()
    Example:

    $value = htmlentities($_POST ['stringposted']);

    Very easy my friends…

  9. tolinakopa says:
    April 20, 2012 at 11:18 am

    Seeking today rothmans will above galaxy and all making

    rothmans cigarettes,12

  10. jiiiik.com says:
    May 12, 2012 at 1:45 am

    PHP Function: remove special characters from post data | AnthonyDamasco.net Pretty nice post. I just stumbled upon your blog and wanted to say that I’ve truly enjoyed surfing around your blog posts. In any case I will be subscribing to your rss feed and I hope you write again very soon!

Leave a Reply