I have a json string which contains some html and it's attrubutes. I'm trying to to escape or replace double quotes with single quotes in this string. my code works with some html attributes but not with all.
My example:
$json='{"en":"<b class="test" size="5" >Description</b>"}';
$json=preg_replace('/([^:,{])"([^:,}])/', "$1".'\''."$2",$json);
echo htmlspecialchars($json);
//ouput: {"en":"<b class='test' size='5" >Description</b>"}
Needed result:
{"en":"<b class='test' size='5' >Description</b>"}
I hope this works as expected ([^{,:])"(?![},:])
$json='{"en":"<b class="test" size="5" >Description</b>"}';
$json=preg_replace('/([^{,:])"(?![},:])/', "$1".'\''."$2",$json);
Results in
{"en":"<b class='test' size='5' >Description</b>"}
Try this one : str_replace('"', "'",$json);
$json='{"en":"<b class="test" size="5" >Description</b>"}';
$json=str_replace('"', "'",$json);
echo htmlspecialchars($json);
Output will : {'en':'<b class='test' size='5' >Description</b>'}
Related
I'm extracting a string from XML and want to insert it as the value of an input text box. And I'm having problems with this string containing both single and double quotes:
We will have a "New Year's Eve countdown"
Here is the code I'm using to output this. I've tried using htmlspecialchars but it doesn't stop the html code breaking because of the mix of quotes in the string.
echo "<p>Info <input type='text' name='info' value='".htmlspecialchars($result->info)."' size='20' /></p>";
How can I fix this so that it correctly displays the value of the string in the text box?
You need to use the ENT_QUOTES flag to htmlspecialchars to get it to convert both double and single quotes to their html entity equivalent:
echo "<p>Info <input type='text' name='info' value='".htmlspecialchars($result->info, ENT_QUOTES)."' size='20' /></p>";
This will produce the following HTML:
<p>Info <input type='text' name='info' value='We will have a "New Year's Eve countdown"' size='20' /></p>
Which as you can see from this snippet, displays the desired string in the text input:
<p>Info <input type='text' name='info' value='We will have a "New Year's Eve countdown"' size='50' /></p>
Okay, so typically I would write the following:
<input type='text' class='form-control' name='name' value='<?=$user['name'];?>'>
However, because I am using ' in my HTML, and if the name has a ' in it, (i.e. the last name is O'Brian for instance) It doesn't echo correctly, because the value is ending the input abruptly.
Of course a simple solution is to use " quotation marks with my html, but that doesn't help - because what about when I want to echo quotation marks as well? What can I do?
Use <input type='text' class='form-control' name='name' value='<?php echo htmlentities($user['name'], ENT_QUOTES); ?>'>
I have what is, for me, quite a complex line I want to parse into php.
echo '<input class="cbox" onclick="if(this.checked){document.getElementById('school').style.display ='inline'}else{document.getElementById('school').style.display ='none'}" type="checkbox" name="type[]" value="School" checked/><br>';
Obviously, if I use speech marks to enclose the echo, it would fall apart in the onlick event. How can I avoid this?
To escape characters in php use the \ like so:
echo '<input class="cbox" onclick="if(this.checked){document.getElementById(\'school\').style.display =\'inline\'}else{document.getElementById(\'school\').style.display =\'none\'}" type="checkbox" name="type[]" value="School" checked/><br>';
You need to escape your quotes with \"
Like this:
echo "<input class=\"cbox\" onclick=\"if(this.checked){document.getElementById('school').style.display ='inline'}else{document.getElementById('school').style.display ='none'}\" type=\"checkbox\" name=\"type[]\" value=\"School\" checked/><br>";
Add slashes before '.
echo '<input class="cbox" onclick="if(this.checked){document.getElementById(\'school\').style.display =\'inline\'}else{document.getElementById(\'school\').style.display =\'none\'}" type="checkbox" name="type[]" value="School" checked/><br>';
If you use double-quotes, you can escape any other double-quotes by putting the \ character before them.
There are some more details at: http://php.net/manual/en/language.types.string.php
NEVER use echo to output HTML.
But always type it as is
?>
<input class="cbox"
onclick="if(this.checked){
document.getElementById('school').style.display='inline'
}else{
document.getElementById('school').style.display ='none'}"
type="checkbox" name="type[]" value="School" checked/><br>
In my form I have the following values that are based on a standard PHP/MySql query.
echo "<tr>\n
<td align='right'><b>Location</b></td>
<td><input name='student_location' type='text' size='25' style='font-weight: 700' value=$location></td>
</tr>";
When the value of $location is a single word it displays properly, when it is more than one word say 'North Campus' only 'North' displays.
I've doubled and triple checked and the correct value is in the database, when I do an echo for the value of $location it echoes the correct value but when it's displayed in the field above it chops the last word. It's doing it to all of my variables that are more than one word, so I've missed something obvious.
You forgot quotes :
echo "<tr>\n
<td align='right'><b>Location</b></td>
<td><input name='student_location' type='text' size='25' style='font-weight: 700' value=\"$location\"></td>
</tr>";
Without quotes, the first word will be noted, others will be interpreted as wrong attributes.
You need to put your single quotes around it to make it a valid attribute. The HTML is being created as value=North Campus which gets interpreted as value="North" and some Campus attribute that has no value. Use value='$location'.
you need to quote it by escaping the "
echo "<tr>\n
<td align='right'><b>Location</b></td>
<td><input name='student_location' type='text' size='25' style='font-weight: 700' value=\"$location\"></td>
</tr>";
I have this php code
echo "<textarea id='textarea' cols='70' rows='5' name='code'>".$code."</textarea>";
and I need to put this onClick="SelectAll('txtarea');" after id='textarea' but the quotes are messing me up and I cant figure it out.
Any help?
Thanks!
Explaination
You will need to escape the double quotes, so they will not be read as PHP code. You can do this by typing a \ character before them. You can read more about escaping characters in PHP here.
Edit your code to this
echo "<textarea id='textarea' onClick=\"SelectAll('txtarea');\" cols='70' rows='5' name='code'>".$code."</textarea>";
Try this:
echo "<textarea id='textarea' onClick=\"SelectAll('txtarea');\" cols='70' rows='5' name='code'>".$code."</textarea>";
You can escape quotes with the backslash char "\". Try something like that:
echo "<textarea id=\"textarea\"></textarea>";
Did you try use Escape Character \" ?
So it would be
onClick=\"SelectAll('txtarea');\"
echo "<textarea id='textarea' onClick='SelectAll(\"txtarea\");' cols='70' rows='5' name='code'>".$code."</textarea>";
Use \" instead of " within your text.
Use this
echo "<textarea id='textarea' cols='70' onClick=\"SelectAll('txtarea');\" rows='5' name='code'>".$code."</textarea>";
You have to escape the quotes using backslash, so put in onClick=\"SelectAll('txtarea')\"
Same is recommended for the other attributes, e.g. cols=\"70\"
Why don't you make it easier on yourself? If you need single and double quotes within your string, you can use heredoc syntax, such as:
echo <<<EOF
<textarea id="textarea" cols="70" onClick="SelectAll('txtarea');" rows="5" name="code">$code</textarea>
EOF;