This question already has answers here:
How can I combine two strings together in PHP?
(19 answers)
Closed 7 years ago.
I'm trying to link several variables from a database into html. All the data is stored in the DB, however I can't figure out how to link the variables through HTML. Below is my code that I have tried, but doesn't work properly.
echo 'test';
I know the code works properly if I just do something like this (it does return the name):
echo $row["name"];
So why doesn't it work properly with the + $row["name"] + in it? It works perfect as long as I don't try and add data with the +'s.
Thank you!
this is the correct way to write this
echo 'test';
Use a . in stead of +.
And on a sidenote, if the data in the db isn't yet escaped, also use htmlspecialchars() on $row["name"]
Try like this.
echo "<a href='".$row['name']."'>test</a>";
Related
This question already has answers here:
How do I include a yet to be defined variable inside a string? PHP
(6 answers)
Closed 3 years ago.
I currently have a row in a mysql table that has a variable in it, $item1. I wanted to know if there is a way to have it act as a variable. It would be easier for the project I'm working on if these variables could be stored in the mysql table and still remain dynamic.
When trying to echo this row, $item1 comes out as $item1, instead of acting as a variable.
So the mysql table looks like so
And the code looks like this.
$item1 = "Test";
echo "$row[1];"
As stated instead of getting "Hello Test"
I am getting
"Hello $item1"
Is there a way around this?
What you are looking for is the eval function of php. But it has nothing to do with mysqli
$item1 = "Test";
$itemFormDatabase = "$item1";
echo eval($itemFormDatabase)
Result
Test
But a note of caution: eval just executes everything as php code. If an attacker can modify the value given to it, he can do anything
This question already has answers here:
How to get and disect the query string appended into a url? PHP
(6 answers)
Closed 5 years ago.
I need some help. I need to get each individual values from query string using php $_SERVER['QUERY_STRING']. I am explaining my code below.
http://localhost/php/get.php?name=A + B&cid=20
This is the URL. Here I need to fetch each exact value differently.means the result should come name=A + B and cid=20. Here I am using $_SERVER['QUERY_STRING']. I am explaining my code below.
<?php
$query=$_SERVER['QUERY_STRING'];
echo $query;
?>
Please help me to resolve this issue.
Use this code and you can get the individual value of the variables:
echo "<pre>";
print_r($_GET);
echo "</pre>";
echo $_GET['name'];
echo $_GET['cid'];
This question already has answers here:
php echoing angle brackets
(4 answers)
Closed 9 years ago.
Example data in my database:
blabla<blabla
I use phpmyadmin and can see that the data has been input successfully.
However when I try to display the data what I get is:
blabla NOT blabla<blabla
In other words, everything after the < symbol does not display.
<?
while ($mouselist_row = mysql_fetch_array($mouselist)) {
$mouselist_commonstrain = mysql_real_escape_string($mouselist_row['Common_Strain']);
echo "$mouselist_commonstrain.";
}
?>
I tried using mysql_real_escape_string.
Is there something in particular needed to display the <?
thanks
You want something like:
echo htmlspecialchars($mouselist_commonstrain);
(It needs to be HTML escaped.)
try this
$mouselist_commonstrain = stripslashes(htmlspecialchars($mouselist_row['Common_Strain']));
Your problem isn't escaping SQL but HTML. As answered in this question you can use htmlspecialchars function.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Difference between single quote and double quote string in php
Hey I'm having trouble inserting page content into my database.
I'm trying to store:
<p class=\"heading_large\"><?php echo $Topic2C2A[data]; ?></p>
Using this code:
$sql="UPDATE event SET
data='<p class=\"heading_large\"><?php echo $Topic2C2A[data]; ?></p>'
WHERE id='2'";
But when I look at the table all I see is:
<p class="heading_large"><?php echo ; ?></p>
I've obviously escaped the HTML with slashes, is there something similar I need to do with the PHP so $Topic2C2A[data] is displayed?
I would suggest you write your $sql as:
$sql="UPDATE event SET data='<p class=\"heading_large\">".$Topic2C2A[data]."</p>' WHERE id='2'";
Your issue is related to the fact PHP is processing variables inside " (double) quotes.
You can change quotes to ' (single) or another option is to change $Topic2C2A[data] to \$Topic2C2A[data].
Did you try mysqli_real_escape_string()? It should return a fully escaped String!
This question already has answers here:
How do I pass variables and data from PHP to JavaScript?
(19 answers)
Closed 8 years ago.
<button class="addToPlaylist" onclick="javascript:myPopup(<?php echo $videos[$counter]?>);
return false;">+</button>
I have a button on an image as a html hyperlink. I want to perform different actions on hyperlink and button. The above code works whenever I do not pass the PHP variable using echo. When i pass PHP variable, the button also performs the same action as of the hyperlink, that means return false does not work.
Any idea why the return false; does not work when i pass PHP variable?
This should be:
<button class="addToPlaylist" onclick="javascript:myPopup('<?php echo $videos[$counter];?>');return false;">+</button>
Note the single quotes in myPopup. As you pass a string to myPopup, you will need to enclose it with single quotes. (Double won't work as there is already double quotes for the onclick)
I am quite sure $videos[$counter] is not numeric, but a string. In this case you have to write the quotes:
onclick="javascript:myPopup('<?php echo $videos[$counter]?>');
And make sure, $videos[$counter] doesn't contain any, something like
onclick="javascript:myPopup('<?php echo addslashes($videos[$counter])?>');
comes to mind.
onclick="javascript:myPopup("";return false;" . This should work and i think it's more clear where you have javascript code and php code.