php - How to use str_replace to replace single and double quotes

Question

I have to create a login in form which a user will insert a username and a password. I have to ensure that html entities are not processed, and I can not allow single quotes or double quotes to be processed either. I must echo the data entered into the form and display it.

I must use htmlentities and str_replace. I have the htmlentities correct, but am unsure on how to utilize the str_replace function to replace the single and double quotes that the user might enter into the form. Any help would be awesome.

Here is my current PHP (which works)

<?php
$username = htmlspecialchars($_POST['username']);
$password    = htmlspecialchars($_POST['password']);
$comment = htmlspecialchars($_POST['comment']);
?>
<html>
<body>
Your username is: <?php echo $username; ?><br />
Your password: <?php echo $password; ?><br />
Your Comment was: <?php echo $comment; ?>

Answer 1

I guess you want it this way.., Please check

$yourPostVariable = "scor"pi'on";

//$name = str_replace(array("'", """), "", htmlspecialchars($yourPostVariable ) );

echo str_replace(array("'", """, """), "", htmlspecialchars($yourPostVariable ) );