Certain characters have special significance in HTML, and should be represented by HTML entities if they are to preserve their meanings.
http://php.net/manual/en/function.htmlspecialchars.php
HTML is best written with double quote. Although single quotes can be used, sometimes the results are not as predicable.
For example:
<?php
$val = "Brother's team say: " . '"Hello Man".';
?>
<!-- testing single qouted values -->
<input value='<?php echo $val; ?>' ><br>
<input value='<?php echo htmlspecialchars($val); ?>' ><br>
<input value='<?php echo htmlentities($val); ?>' ><br>
<!-- testing double quoted values -->
<input value="<?php echo $val; ?>" ><br>
<input value="<?php echo htmlspecialchars($val); ?>" ><br>
<input value="<?php echo htmlentities($val); ?>" ><br>
Will output the following:
Brother
Brother
Brother
Brother's team say:
Brother's team say: "Hello Man".
Brother's team say: "Hello Man".
Only the last two are correct. The answer is to use either htmlentities or htmlspecialchars AND correct the html line:
Old:
<input value='<?php echo $val_double; ?>' >
Correct:
<input value="<?php echo htmlspecialchars($val_double); ?>" ><br>