I'm extracting a string from XML and want to insert it as the value of an input text box. And I'm having problems with this string containing both single and double quotes:
We will have a "New Year's Eve countdown"
Here is the code I'm using to output this. I've tried using htmlspecialchars but it doesn't stop the html code breaking because of the mix of quotes in the string.
echo "<p>Info <input type='text' name='info' value='".htmlspecialchars($result->info)."' size='20' /></p>";
How can I fix this so that it correctly displays the value of the string in the text box?
You need to use the ENT_QUOTES flag to htmlspecialchars to get it to convert both double and single quotes to their html entity equivalent:
echo "<p>Info <input type='text' name='info' value='".htmlspecialchars($result->info, ENT_QUOTES)."' size='20' /></p>";
This will produce the following HTML:
<p>Info <input type='text' name='info' value='We will have a "New Year's Eve countdown"' size='20' /></p>
Which as you can see from this snippet, displays the desired string in the text input:
<p>Info <input type='text' name='info' value='We will have a "New Year's Eve countdown"' size='50' /></p>
Related
How can I make multi line text input ?
My code outputs only the first word of any input
For example if I type in "Hello world" it will only print "Hello"
My goal is to display multi line text.
My current code is:
echo "<td><input type=text name=opis value=".$row['opis']." </td>";
I know is the correct tag , but i can't incorporate that into my code.
My code outputs only the first word of any input
For example if I type in "Hello world" it will only print "Hello"
Always wrap you attributes values in quotes. Suppose your $row['opis'] has value "some value here", so in rendered html it will be:
<td><input type=text name=opis value=some value here /></td>
So do you think browser will understand that "some value here" is data of value attribute and not a list of some other attributes?
So, use quotes with attributes' values, always:
echo '<td><input type="text" name="opis" value="' . $row['opis'] . '" /></td>';
As you can see I've changed quotes and also closed input tag ( />).
I am not sure about what you mean with a multi line text input, but in HTML that would be the textarea element.
You can use it and specify how much rows do you want it to show initially. It will normally be bigger than an input[type='text'].
Your code would be something like this:
echo '<td><textarea name="opis" rows="5">'.$row['opis'].'</textarea></td>';
Also, if you want to echo something that requires the use of " you can just do:
echo '<td class="test">'.$content.'</td>';
// or in its case the other way around
echo "<td class='test'>".$content."</td>";
Here's an example of the difference between the two elements:
<input type="text" value='Hello
World
!
I
Am
Here'>
<br><br>
<textarea rows="5">Hello
World
!
I
Am
Here</textarea>
Okay, so typically I would write the following:
<input type='text' class='form-control' name='name' value='<?=$user['name'];?>'>
However, because I am using ' in my HTML, and if the name has a ' in it, (i.e. the last name is O'Brian for instance) It doesn't echo correctly, because the value is ending the input abruptly.
Of course a simple solution is to use " quotation marks with my html, but that doesn't help - because what about when I want to echo quotation marks as well? What can I do?
Use <input type='text' class='form-control' name='name' value='<?php echo htmlentities($user['name'], ENT_QUOTES); ?>'>
i have the jquery accordion tabs. within those tabs, i have a hidden form which on click, is auto-filled with certain values displayed within that tab. It displays correctly within the accordion tab but when i pass those same variables as auto-fill values within the form, only the first word gets displayed if there is more than 1 word. the variable name that i have put as the value attribute of the text box is exactly the same so i don't know why this happens.
echo "<tr><p><td>".$allCourses[$i][0]."</td> - <td>".$allCourses[$i][1]."</td>
it gets displayed correctly here. however, here, only the first word appears:
<form action='editCourse.php' method='post'>
<p id='edit-course-d' class='edit-accordion-tab'><img src='images/edit.png' title='Edit Course'/></p>
<p id='edit-course-f' style='display: none'>
Course ID: <input type='text' name='edit-course-id' value =".$allCourses[$i][0]."><br />
Course Name: <input type='text' name='edit-course-name' value=".$allCourses[$i][1]."><br />
(all this is within the echo "" in php)
You have to put quotes around the content of your value-attribute, otherwise the "other words" are interpreted as HTML-attributes. So what is rendered to the browser looks like:
<input value=hello world>
The browser interprets this as an input element which has two attributes:
value="hello"
world=""
So you have to put quotes ' or double-quotes " around the value of the attribute. Like that:
echo "
<form action='editCourse.php' method='post'>
<p id='edit-course-d' class='edit-accordion-tab'><img src='images/edit.png' title='Edit Course'/></p>
<p id='edit-course-f' style='display: none'>
Course ID: <input type='text' name='edit-course-id' value='".htmlspecialchars($allCourses[$i][0])."'><br />
Course Name: <input type='text' name='edit-course-name' value='".htmlspecialchars($allCourses[$i][1])."'><br />";
I use htmlspecialchars to escape the quotes that might appear inside the values (this adds another layer of safety).
Here is how I am echoing back a 'normal' table cell in PHP:
Code:
echo "<tr>";
echo "<td>Some cell data</td>";
echo "</tr>\n";
Attempt to echo a button within a cell:
echo "<tr>";
echo "<td><form action="insertdata.php?page=add" method="post">
Username: <input type="text" name="username" >
<input type="submit" >
</form>
</td>";
echo "</tr>\n";
Thank you for any help, this is quite confusing to me. I am a beginner when it comes to PHP so please pardon any errors and feel free to kindly correct me wherever a correction is needed!
You need to either escape your double quotes " that appear inside your string surrounded by double quotes, or use a different quote style (i.e. single quotes ') to surround the string that contains the double quotes. It's actually made quite obvious what the problem is by the syntax highlighting on this site.
You could either do this:
echo "<tr>";
echo "<td><form action=\"insertdata.php?page=add\" method=\"post\">
Username: <input type=\"text\" name=\"username\" >
<input type=\"submit\" >
</form>
</td>";
echo "</tr>\n";
...or this...
echo "<tr>";
echo '<td><form action="insertdata.php?page=add" method="post">
Username: <input type="text" name="username" >
<input type="submit" >
</form>
</td>';
echo "</tr>\n";
I suggest you read this thoroughly so you no what you can and can't legally do with strings in PHP.
As a side note, it is a bad idea to put new-line literals inside quoted strings, as it can lead to cross-platform compatibility wierdness. It's not really a problem with web output like this, but it's a bad habit to get into. You should either use \r,\n and \r\n as appropriate, or if you must put literals into the source code, use heredoc syntax. Remember that escape sequences like \r\n are only interpolated in double quoted strings!!!
I'm trying to create a textbox that will be displayed on my website. When displayed, I'd like to show some data within the text box. Here is what I have
echo "<input type=\"text\" size=\"100\" value=\"\">";
All that shows up in the text box is <a href=
And then at the end of the text box, right after the text box I see ">
I know something must be syntactically off, just not sure what.
You must encode <, ", and > chars - they can't be embedded that way. Use:
echo '<input type="text" size="100" value="'.htmlspecialchars('').'">';
You may also use urlencode() function - see which suits you better.
One more tip - use single quotes when string contains HTML-like content. This will save you adding \" everywhere.
php_code ?>
<input type="text" size="100" value="<a href="e;<?=$url;?>"e;></a>\">
<?php
php_code
maybe this will work for you
Think of what the html would look like:
<input type="text" size="100" value="">
^
|
This is where the value attribute ends!
htmlspecialchars should solve it.
You have made some mistake. Your code will result in something like that (also visible in this jsfiddle):
<input type="text" size="100" value="">
Instead you can use something like that:
echo "<input type=\"text\" size=\"100\" value=\"<a href="$url"></a>\">";
or
echo '<input type="text" size="100" value="<a href="' . $url . '"></a>">';
to receive effect visible in this jsfiddle. Is it satisfying enough?