[FIXED] How to remove single and double quotes from a string

Issue

When I run a phrase that contains double quotes through this function, its replacing the quotes with quot.

I want to completely remove them (also single quotes). How can I alter the function to do that?

function string_sanitize($s) {
    $result = preg_replace("/[^a-zA-Z0-9]+/", "", $s);
    return $result;
}

Update:

Example 1: This is 'the' first example 
returns: Thisis030the039firstexample 
Errors: Warning: preg_match_all() [function.preg-match-all]: Unknown modifier '0' in C


Example 2: This is my "second" example
returns: Thisismyquotsecondquotexample
Errors: Invalid express in Xpath

Solution

It looks like your original string had the HTML characters for " (") so when you attempt to sanitize it, you're simply remove the & and ;, leaving the rest of the string quot.

---EDIT---

Probably the easiest way to remove non alpha numeric characters would be to decode the HTML characters with html_entity_decode, then run it through the regular expression. Since, in this case, you won't get anything that needs to be re-coded, you don't need to then do htmlentities, but it's worth remembering that you had HTML data and you now have raw unencoded data.

Eg:

function string_sanitize($s) {
    $result = preg_replace("/[^a-zA-Z0-9]+/", "", html_entity_decode($s, ENT_QUOTES));
    return $result;
}

Note that ENT_QUOTES flags the function to "...convert both double and single quotes.".

Answered By - Hamish

Answer Checked By - Marie Seifert (PHPFixing Admin)