I have this bit of code here which is part of a php login form which take a user’s first and last name and a password.
$first_name = SANITIZE(trim(strtolower(@$_POST["f_name"])));
$last_name = SANITIZE(trim(strtolower(@$_POST["l_name"])));
These work fine on desktop for any kind of name but on mobile there seems to be an issue with names that have either a ‘ or a – in them. So for example Shaquille O’Neal can log in just fine on desktop with his first and last name, but if he tries to log in with mobile something happens with the apostrophe in his name and it says the user doesn’t exist. Any ideas why this might happen? Has been tested on both iphone and android phones with the same result.
2
Answers
Try getting the character codes and comparing with the database.
Although ASCII only has one code for single quote (not counting back quote) UTF character sets have multiple ones. Similar for ‘-‘. Mobile devices with "smart" keyboards may susbstitute what they think is a more grammatically correct letter.
Previously I wrote this which is wrong:
Try testing this with
htmlspecialchars(). Sometimes special characters don’t play nice when entering data into forms or displaying it from a database.