I am having an issue with my results here.
Please someone can tell what I'm doing wrong.
I have this text inside a mysql field:
----------------------------------------------------
text “strange double quotes” "normal double quotes"
----------------------------------------------------
Inside a textarea I echo the string fron the database
<textarea>
$string = stripslashes(htmlspecialchars_decode($string,ENT_QUOTES));
echo htmlspecialchars($string);
</textarea>
And crashes (does not display anything).
but if I only have normal text or normal quotes:
"this is a correct text with quotes"
This works.
Do you know what I need to do?
TY
The code you have works as expected:
<?php
$string = 'text “strange double quotes” "normal double quotes"';
$string = stripslashes(htmlspecialchars_decode($string,ENT_QUOTES));
echo htmlspecialchars($string);
?>
Yields:
text “strange double quotes” "normal double quotes"
Check the value of $string before passing it into htmlspecialchars_decode, e.g.:
<?php
$string = null;
$string = stripslashes(htmlspecialchars_decode($string,ENT_QUOTES));
echo htmlspecialchars($string);
?>
Yields nothing/empty/blank, per your error description.
Related
I have a $_GET[q] from the URL. I am trying to ECHO the search term back into the search box. Sometimes people might submit queries encapsulated in quotes and in these cases the ECHO interprets the search term
ECHO $_GET[q];
as:
ECHO ""search term"";
and as a result I get a blank search box. Search queries with a single quote, like: Peter's house, work fine.
When I use:
mysqli_real_escape_string($conn, $_GET[q])
I only get a backslash in the search box.
How could I populate the search box with a search term encapsulated in double quotes?
You could also use:
echo str_replace('"','',$_GET[q]);
This will of course remove all double quotes, so if they may be valid somewhere in the search term then better might be:
echo str_replace('"','"',$_GET[q]);
Haven't tested this but this might also work:
echo html_entity_decode(htmlentities($_GET[q))
You could use addslashes
like this:
$t = 'peter "pan"';
echo addslashes($t); // outputs: peter \"pan\"
You can try:
$str = "Hello World!";
echo $str . "<br>";
echo chop($str,"");
Ouptput:
Hello World
Explanation:
The chop() function, helps you chop off the quotes anyone might add to string.
You can manipulate as appropriate for your code.
$str = preg_replace( '["|\']','', $_REQUEST['q'] );
echo( $str ); //no double, no single quotes, faster than str_replace when you have to make more than 1 call to str_replace
or...
$str = str_replace( '"','', $_REQUEST['q'] ); //no double quotes, faster than preg_replace when you only make one call to str_replace
echo( $str ); //no double quotes
<?php echo nl2br($valueu->getarea($rows['province'].'|'.$rows['city'].'|'.$rows['area'],' ')); ?></td>
how to put a line break in between city and area when outputted to a browser.
Thanks
Use \n. Just add it with the sting like this I."\n" like pie.
You can also use nl2br like this echo nl2br("One line.\nAnother line.");
Try double quote "\n".
If you use single quote '\n', PHP will just interpret as a literal \n, but within double quote, it will parse it as an escape sequence (newline character) and echo it. More about strings here.
echo nl2br('Hello \n world');
// -> Hello \n world
echo nl2br("Hello \n world");
// -> Hello <br /> world
In a browser, you may need to use "<br/>" instead of a newline "\n".
echo($valueu->getarea($rows['province'].'|'.$rows['city'].'<br />'.$rows['area'],' '));
Something like that?
I am using this:
$variable = "Name is \"Bob\"";
$message = <<<EOF
<input type="text" value="$variable">
EOF;
And the result is :
Actually, this is synthetic example and I am working with db. But I tried: this synthetic example works (to simulate problem, actually it shows that what I am doing is not working).
Yes, the quotes will appear in the HTML.
Since the quotes will end the attribute value, you'll make the HTML invalid.
You need to make the variable HTML-safe with htmlspecialchars().
You are generating invalid HTML:
<input type="text" value="Name is "Bob"">
Please use htmlspecialchars() to encode $variable before insertion.
A heredoc is just a convenient shortcut for a multi-line echo. It doesn't care WHAT'S in the string, it'll just be output.
There is NO difference between the following two constructs:
$foo = "A string with an \" embedded quote";
echo <<<EOL
Hello, $foo, how are you
EOL;
echo "Hello, $foo, how are you";
The only real difference is that you don't have escape quotes in the rest of the string:
echo <<<EOL
This is a "quoted phrase" within a sentence
EOL;
echo "This is a \"quoted phrase\" within a sentence";
$city = 'London Paris Lisabona';
And i need print this string in textarea.
How print city in new line?
I need in textarea get this:
London
Paris
Lisabona
Code:
$city = 'London\nParis\nLisabona';
echo '<textarea>'.$city.'</textarea>';
result:
London\nParis\nLisabona
In general: Use \n for line breaks.
In your case (only works of cites don't consist of two words, i.e. each word must be a city):
$city = str_replace(' ',"\n", $str); // generates 'London\nParis\nLisabona'
Or if possible build the string with \n instead of spaces from the beginning.
Update:
Escaped character sequences like \n are only processed in double quoted strings. They are taken literally in single quoted strings (with two exceptions). Read more in the documentation:
To specify a literal single quote, escape it with a backslash (\). To specify a literal backslash, double it (\\). All other instances of backslash will be treated as a literal backslash: this means that the other escape sequences you might be used to, such as \r or \n, will be output literally as specified rather than having any special meaning.
Thus, you have to declare your strings as
$cities = "London\nParis\nLisabona";
Further note:
Whenever possible avoid echoing HTML with PHP. It makes it more difficult to debug the HTML. Instead, embed the PHP into HTML like so:
<?php
$cities = "London\nParis\nLisabona";
?>
<textarea><?php echo $cities; ?></textarea>
<?php
$city = "London\nParis\nLisabona";
?>
<textarea rows="3" cols="20">
<?php echo $city; ?>
</textarea>
$city = str_replace(' ', "<br />", $city);
If you echo it in HTML.
<textarea><?= str_replace(" ", "<br />", $city); ?></textarea>
If you want "\n" to be converted to line breaks, you need to use double-quotes instead of single quotes.
i.e.
$foo = 'a\nb\nc\n';
echo $foo;
> a\nb\nc\n
$foo = "a\nb\nc\n";
echo $foo;
> a
> b
> c
works in <textarea> form me, lines might get soft-wrapped though (but that is expected)
simple problem baffling me...
i have a function:
function spitHTML() {
$html = '
<div>This is my title</div>\n
<div>This is a second div</div>';
return $html
}
echo $spitHTML();
Why is this actually spitting out the \n's?
Backslashes used in single quote strings do not work as escape characters (besides for the single quote itself).
$string1 = "\n"; // this is a newline
$string2 = '\n'; // this is a backslash followed by the letter n
$string3 = '\''; // this is a single quote
$string3 = "\""; // this is a double quote
So why use single quotes at all? The answer is simple: If you want to print, for example, HTML code, in which naturally there are a lot of double quotes, wrapping the string in single quotes is much more readable:
$html = '<div class="heading" style="align: center" id="content">';
This is far better than
$html = "<div class=\"heading\" style=\"align: center\" id=\"content\">";
Besides that, since PHP doesn't have to parse the single quote strings for variables and/or escaped characters, it processes these strings a bit faster.
Personally, I always use single quotes and attach newline characters from double quotes. This then looks like
$text = 'This is a standard text with non-processed $vars followed by a newline' . "\n";
But that's just a matter of taste :o)
Because you're using single quotes - change to double quotes and it will behave as you expect.
See the documentation for Single quoted strings.
Change ' to " :) (After that, all special chars and variable be noticed)
$html = "
<div>This is my title</div>\n
<div>This is a second div</div>";