A little confusion about security
#4

(This post was last modified: 09-08-2015, 08:46 AM by mwhitney.)

Does your database have problems storing the characters correctly (and, if so, is there a reason why you can't fix it, for example by changing the character set of the database)?

The input library does not automatically escape your post data unless you turned on global XSS filtering, which is not recommended.

Functions like ascii_to_entities() should be used (if at all) when outputting to HTML, not when processing data for the database, unless the database uses a character set which doesn't support the characters and the database cannot be changed.

There is no parameter for the form_input() function in the form_helper which will disable the use of html_escape() on the value. So, you can pass the third parameter to set_value() to disable its use of html_escape() when you're passing the result of set_value() to form_input()'s second parameter, but form_input() will always use html_escape() on the value.

One thing which can be done is to use:
PHP Code:
<input name="input_name" value="<?php echo html_escape(set_value('field', 'value', false), false); ?>" /> 

If you really want to encode everything in your input, you could use:
PHP Code:
<input name="input_name" value="<?php echo htmlentities(set_value('field', 'value', false), ENT_QUOTES, config_item('charset'), false); ?>" /> 

(or you could add a suitable helper function to pass the second and third parameters to htmlentities() as html_escape() does with htmlspecialchars(), especially since you may want to pass some additional flags to the second parameter to indicate the target format, such as ENT_HTML5 or ENT_HTML401).

In html_escape(), htmlspecialchars(), and htmlentities(), the last parameter can be set to false to attempt to prevent double-encoding the data, basically checking whether & is the start of an entity before converting it, so you don't end up with &amp;amp; or &amp;lt;.
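The helper the reply suggests (an htmlentities() wrapper shaped like CodeIgniter's html_escape()) and the effect of the double_encode flag, as an added stand-alone example that is not from the post or from CodeIgniter; it assumes a UTF-8 charset constant in place of config_item('charset') and the hypothetical helper name html_entities_escape().

```php
<?php
// Added example: a hypothetical helper that passes the flags and charset to
// htmlentities() the way CodeIgniter's html_escape() does for
// htmlspecialchars(). Assumption: the application charset is UTF-8
// (CodeIgniter would read it with config_item('charset')).
const APP_CHARSET = 'UTF-8';

/**
 * Encode every character that has a named entity, targeting HTML5 by default
 * (pass ENT_QUOTES | ENT_HTML401 for an HTML 4.01 target). Arrays are handled
 * recursively, mirroring html_escape(). $double_encode = false leaves
 * sequences that already form a valid entity (e.g. &amp; or &#60;) untouched;
 * a bare & is still encoded, so the output is still safe to place in HTML.
 */
function html_entities_escape($var, bool $double_encode = true, int $flags = ENT_QUOTES | ENT_HTML5)
{
    if ($var === '' || $var === null) {
        return $var;
    }
    if (is_array($var)) {
        foreach (array_keys($var) as $key) {
            $var[$key] = html_entities_escape($var[$key], $double_encode, $flags);
        }
        return $var;
    }
    return htmlentities((string) $var, $flags, APP_CHARSET, $double_encode);
}

// Constructed sample input: it already contains one entity (&amp;) next to
// characters that still need encoding, which is exactly the double-encoding case.
$raw = "Tom &amp; Jerry <b>\"café\"</b>";

// html_escape()-style call with double encoding on: &amp; becomes &amp;amp;
echo htmlspecialchars($raw, ENT_QUOTES, APP_CHARSET, true), PHP_EOL;
// Tom &amp;amp; Jerry &lt;b&gt;&quot;café&quot;&lt;/b&gt;

// Same call with double encoding off: the existing &amp; is left alone
echo htmlspecialchars($raw, ENT_QUOTES, APP_CHARSET, false), PHP_EOL;
// Tom &amp; Jerry &lt;b&gt;&quot;café&quot;&lt;/b&gt;

// The htmlentities() helper also converts é to its named entity
echo html_entities_escape($raw, false), PHP_EOL;
// Tom &amp; Jerry &lt;b&gt;&quot;caf&eacute;&quot;&lt;/b&gt;
```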


Messages In This Thread
A little confusion about security - by Urastor - 09-06-2015, 12:37 PM
RE: A little confusion about security - by mwhitney - 09-08-2015, 08:43 AM


