Okay, so typically I would write the following:
<input type='text' class='form-control' name='name' value='<?=$user['name'];?>'>
However, because I am using ' in my HTML, and if the name has a ' in it, (i.e. the last name is O'Brian for instance) It doesn't echo correctly, because the value is ending the input abruptly.
Of course a simple solution is to use " quotation marks with my html, but that doesn't help - because what about when I want to echo quotation marks as well? What can I do?
Use <input type='text' class='form-control' name='name' value='<?php echo htmlentities($user['name'], ENT_QUOTES); ?>'>
Related
I'm extracting a string from XML and want to insert it as the value of an input text box. And I'm having problems with this string containing both single and double quotes:
We will have a "New Year's Eve countdown"
Here is the code I'm using to output this. I've tried using htmlspecialchars but it doesn't stop the html code breaking because of the mix of quotes in the string.
echo "<p>Info <input type='text' name='info' value='".htmlspecialchars($result->info)."' size='20' /></p>";
How can I fix this so that it correctly displays the value of the string in the text box?
You need to use the ENT_QUOTES flag to htmlspecialchars to get it to convert both double and single quotes to their html entity equivalent:
echo "<p>Info <input type='text' name='info' value='".htmlspecialchars($result->info, ENT_QUOTES)."' size='20' /></p>";
This will produce the following HTML:
<p>Info <input type='text' name='info' value='We will have a "New Year's Eve countdown"' size='20' /></p>
Which as you can see from this snippet, displays the desired string in the text input:
<p>Info <input type='text' name='info' value='We will have a "New Year's Eve countdown"' size='50' /></p>
<?php
if(isset($_POST['btnLogin'])){
$myVariable = $_POST['fieldParameter'];
if(condition){
//do something
}else{
echo "
<form method='POST' action='submit.php'><br/>
<input type='hidden' name='myVariable' value='<?php echo $myVariable; ?>'/>
<br/>
<input type='submit' name='btnSubmit' id='submit' value='Submit'>
</form>
";
}
}
?>
Notice that the variable $myVariable is contained in the main IF block. I'm trying to send the value of $myVariable to submit.php as hidden field.
Also, i enclosed all the html tags using one echo statement with double quotes.
I found related questions here in SO but can't find similar to embedding php within a long echo of html tags
I tried to put value='<?php echo $studentNo; ?>' with no success.
I want to access it in a submit.php file like this,
submit.php
<?php
$aVariable = $_POST['myVariable'];
echo $aVariable;
?>
How can I pass the value contained in $myVariable as hidden field? Is there something wrong with the way I use double and single quotes?
If you are already echoing a string you shouldn't put <?php echo "" ?> inside it again. You should concatenate your string instead. But in your case you don't even need to do that, because you're using double quotes for echoing which means you can simply just write your variable in it.
echo "<form method='POST' action='submit.php'><br/>
<input type='hidden' name='myVariable' value='$myVariable;'/>
<br/>
<input type='submit' name='btnSubmit' id='submit' value='Submit'>
</form>";
If you were using single quotes for your echo, it would look like this:
echo '<form method="POST" action="submit.php"><br/>
<input type="hidden" name="myVariable" value="' . $myVariable . '"/><br/>
<input type="submit" name="btnSubmit" id="submit" value="Submit">
</form>';
You just need to type $myVariable instead of in your string. Double quotes "" only creates a string literal. It doesn't directly output data like inline HTML. As you can see from the syntax coloring in StackOverflow, the
You can try these variants (simplified):
// code before
echo "<input type='hidden' name='myVariable' value='$myVariable'/>";
// code after
// OR //
// code before
?>
<input type='hidden' name='myVariable' value='<?= $myVariable ?>'/>
<?php
// code after
Note that the quotes you use in HTML don't affect PHP, as long as you escape them properly (use \" and \' where appropriate).
I have this situation:
value='<?php echo $row["manometro_irroratrice"]; ?>'
My value $row["manometro_irroratrice"] contain word like l'alba or "citazione" i have a problem with the value= --> '' <--- apex there is a way to print words with " or ' without problem?
Usr addslashes to negate the effect of such quotes in your string as follows:
value='<?php echo addslashes($row["manometro_irroratrice"]); ?>'
You must use the escape character in PHP is the slash.
value='<?php echo \($row["manometro_irroratrice"]); ?>'
More info here http://php.net/manual/en/regexp.reference.escape.php
I try to display an array within a form, which works fine, except of the array value containing an empty space 'Street Number', then it only displays the Street.
If I echo it outside of the form it works, but not within the form and the loop:
//This is able to show Street and Number
echo $Kundendatenarry[4];
//within the loop and the form it is not working anymore it is only shwoing the street:
echo"<form name='form1' method='post' action='KundeundAutoBearbeiten_Update.php' accept-charset='UTF-8'>";
for ($i=1, $max=$Kundendaten->FieldCount(); $i < $max-3; $i++)
{
echo"<pre><input size='50' name='name' type='text' id='name' value=".$Kundendatenarry[$i]."></pre><br>";
}
echo"<input type='submit' name='senden' value='Daten Ändern'><br>";
echo "</form>";
I thought "< pre >" could help, but it didn't .
Can anybody tell me what I did wrong?
These are the db entries:
echo $Kundendaten
ID,Titel,Vorname,Nachname,Strasse_Hausnummer,Postleitzahl,Stadt,Telefon,EMail,Kommentar,Weihnachtskarte,Erzeugt,Geaendert 11111,,Kurt,Heiz,Rumpenheimerstraße 121, 15625,Offenbach,,,,0,,
--> It is printed perfektly except of Rumpenheimerstraße 121 --> here it prints out Rumpenheimerstraße and not the 121
There is no string tags around your input value:
echo"<pre><input size='50' name='name' type='text' id='name' value=".$Kundendatenarry[$i]."></pre><br>";
should be:
echo '<input size="50" name="name" type="text" id="name" value="'.htmlspecialchars($Kundendatenarry[$i]).'"/><br>';
I've also added htmlspecialchars() too as its common practice to prevent user data breaking the html
Try using this get result first then echo that result in your html script
<?php
foreach(condition){
?>
<form name='form1' method='post' action='KundeundAutoBearbeiten_Update.php' accept-charset='UTF-8'>
<pre><input name='name' type='text' id='name' value="<?php echo $Kundendatenarry[$i] ?>"></pre><br>
<input type='submit' name='senden' value='Daten Ändern'><br>
</form>
<?php
}
//foreach ends
?>
Strange error, but you can slove using it
I'm trying to create a textbox that will be displayed on my website. When displayed, I'd like to show some data within the text box. Here is what I have
echo "<input type=\"text\" size=\"100\" value=\"\">";
All that shows up in the text box is <a href=
And then at the end of the text box, right after the text box I see ">
I know something must be syntactically off, just not sure what.
You must encode <, ", and > chars - they can't be embedded that way. Use:
echo '<input type="text" size="100" value="'.htmlspecialchars('').'">';
You may also use urlencode() function - see which suits you better.
One more tip - use single quotes when string contains HTML-like content. This will save you adding \" everywhere.
php_code ?>
<input type="text" size="100" value="<a href="e;<?=$url;?>"e;></a>\">
<?php
php_code
maybe this will work for you
Think of what the html would look like:
<input type="text" size="100" value="">
^
|
This is where the value attribute ends!
htmlspecialchars should solve it.
You have made some mistake. Your code will result in something like that (also visible in this jsfiddle):
<input type="text" size="100" value="">
Instead you can use something like that:
echo "<input type=\"text\" size=\"100\" value=\"<a href="$url"></a>\">";
or
echo '<input type="text" size="100" value="<a href="' . $url . '"></a>">';
to receive effect visible in this jsfiddle. Is it satisfying enough?