I am using this:
$variable = "Name is \"Bob\"";
$message = <<<EOF
<input type="text" value="$variable">
EOF;
And the result is :
Actually, this is synthetic example and I am working with db. But I tried: this synthetic example works (to simulate problem, actually it shows that what I am doing is not working).
Yes, the quotes will appear in the HTML.
Since the quotes will end the attribute value, you'll make the HTML invalid.
You need to make the variable HTML-safe with htmlspecialchars().
You are generating invalid HTML:
<input type="text" value="Name is "Bob"">
Please use htmlspecialchars() to encode $variable before insertion.
A heredoc is just a convenient shortcut for a multi-line echo. It doesn't care WHAT'S in the string, it'll just be output.
There is NO difference between the following two constructs:
$foo = "A string with an \" embedded quote";
echo <<<EOL
Hello, $foo, how are you
EOL;
echo "Hello, $foo, how are you";
The only real difference is that you don't have escape quotes in the rest of the string:
echo <<<EOL
This is a "quoted phrase" within a sentence
EOL;
echo "This is a \"quoted phrase\" within a sentence";
Related
I am having an issue with my results here.
Please someone can tell what I'm doing wrong.
I have this text inside a mysql field:
----------------------------------------------------
text “strange double quotes” "normal double quotes"
----------------------------------------------------
Inside a textarea I echo the string fron the database
<textarea>
$string = stripslashes(htmlspecialchars_decode($string,ENT_QUOTES));
echo htmlspecialchars($string);
</textarea>
And crashes (does not display anything).
but if I only have normal text or normal quotes:
"this is a correct text with quotes"
This works.
Do you know what I need to do?
TY
The code you have works as expected:
<?php
$string = 'text “strange double quotes” "normal double quotes"';
$string = stripslashes(htmlspecialchars_decode($string,ENT_QUOTES));
echo htmlspecialchars($string);
?>
Yields:
text “strange double quotes” "normal double quotes"
Check the value of $string before passing it into htmlspecialchars_decode, e.g.:
<?php
$string = null;
$string = stripslashes(htmlspecialchars_decode($string,ENT_QUOTES));
echo htmlspecialchars($string);
?>
Yields nothing/empty/blank, per your error description.
<?php echo nl2br($valueu->getarea($rows['province'].'|'.$rows['city'].'|'.$rows['area'],' ')); ?></td>
how to put a line break in between city and area when outputted to a browser.
Thanks
Use \n. Just add it with the sting like this I."\n" like pie.
You can also use nl2br like this echo nl2br("One line.\nAnother line.");
Try double quote "\n".
If you use single quote '\n', PHP will just interpret as a literal \n, but within double quote, it will parse it as an escape sequence (newline character) and echo it. More about strings here.
echo nl2br('Hello \n world');
// -> Hello \n world
echo nl2br("Hello \n world");
// -> Hello <br /> world
In a browser, you may need to use "<br/>" instead of a newline "\n".
echo($valueu->getarea($rows['province'].'|'.$rows['city'].'<br />'.$rows['area'],' '));
Something like that?
I have a PHP function that in echoing out a string, is losing some of the characters passed in it. Any reason why this would be happening?
I pass: $vhkvdov#jqlydk#p*_L#1qrlws|ufqh#KWLZ#1hwdgsX
It returns: #jqlydk#p*_L#1qrlws|ufqh#KWLZ#1hwdgsX
This is my PHP code:
<?php
function display($str) {
echo $str;
}
display("$vhkvdov#jqlydk#p*_L#1qrlws|ufqh#KWLZ#1hwdgsX");
?>
If you have $ in you string use single quotes:
display('$vhkvdov#jqlydk#p*_L#1qrlws|ufqh#KWLZ#1hwdgsX');
Otherwise PHP would try to use $vhkvdov as a variable name and replace it by its contents, what will be nothing as I expect that the variable is not set
PHP reference on strings
Note: During development I would set error_reporting in php.ini to
error_reporting=E_ALL | E_NOTICE;
and
display_errors=On
or
log_errors=On
error_log=PATH/TO/YOUR/LOG.file ; make sure this is writable by the web server
To see an error message like :
PHP Notice: Undefined variable: vhkvdov in
The problem is that you are using double quotes, which make PHP interpret the inner string for PHP variables.
Consider the following example:
$friend = "foo";
echo "hello $friend";
// Output: hello foo
Use single quotes instead if you do not want PHP to interpret the string contents.
$friend = "foo";
echo 'hello $friend';
// Output: hello $friend
Take a read of this to help clarify why this is happening:
http://php.net/manual/en/language.types.string.php
Specifically:
When a string is specified in double quotes or with heredoc, variables
are parsed within it.
This is whats happening with your code:
If a dollar sign ($) is encountered, the parser will greedily take as
many tokens as possible to form a valid variable name. Enclose the
variable name in curly braces to explicitly specify the end of the
name.
Here is an example:
<?php
$juice = "apple";
echo "He drank some $juice juice.".PHP_EOL;
// Invalid. "s" is a valid character for a variable name, but the variable is $juice.
echo "He drank some juice made of $juices.";
?>
The above example will output:
He drank some apple juice.
He drank some juice made of .
When you use single quotes, you will avoid this issue as the string taken litterally:
// Outputs: This will not expand: \n a newline
echo 'This will not expand: \n a newline';
// Outputs: Variables do not $expand $either
echo 'Variables do not $expand $either';
I cant get this to work and its driving me mad, pls help
echo "<a href='#' onclick='javascript:$.jGrowl
(\"".$_SESSION['product_description'][$i]."\")' >?</a>";
the problem comes down to the 'product_description' - those single ' marks are breaking it, what should i do sigh
EDIT: if i replace the .$_SESSION['product_description'][$i]. with a bunch of charecters it works, its not a problem with anything but PHP and those ''
Chances are the real problem lies with the $.jGrowl. Within double quotes, PHP tries to parse found variables. e.g.
$foo = 'foo';
echo "This is foo: $foo"; // output: This is foo: foo
So, to avoid this you need to escape the $ using \$ within the string...
echo "...\$.jGrowl..."
See this demo.
Keep this here for reference:
Escape them with a backslash, like you would with double quotes. e.g.
// which ever quote is used to encapsulate the string
// must be escaped within the output.
echo 'Hello, \'world!\''; // output: Hello, 'world!'
echo "Hello, \"world!\""; // output: Hello, "world!"
// but, if you use the opposite quote, it does not need
// to be escaped for output.
echo 'Hello, "world!"'; // output: Hello, "world!"
echo "Hello, 'world!'"; // output: Hello, 'world!'
See the PHP Docs on strings for more information and what characters need escaping.
Are you missing your opening "?
echo "<a href='#' onclick='javascript:$.jGrowl(\"".$_SESSION['product_description'][$i]."\")' >?</a>";
Make it
echo "<a href='#' onclick='javascript:$.jGrowl(\"".$_SESSION['product_description'][$i]."\")' >?</a>";
Try:
echo "<a href='#' onclick='javascript:\$.jGrowl(\"".str_replace('"','\"',$_SESSION['product_description'][$i])."\");' >?</a>";
You need to ensure you are escaping any double quotes within the value...
This one works for me:
echo "<a href=\"#\" onclick=\"javascript:$.jGrowl('".$_SESSION['product_description'][$i]."')\" >?</a>";
$city = 'London Paris Lisabona';
And i need print this string in textarea.
How print city in new line?
I need in textarea get this:
London
Paris
Lisabona
Code:
$city = 'London\nParis\nLisabona';
echo '<textarea>'.$city.'</textarea>';
result:
London\nParis\nLisabona
In general: Use \n for line breaks.
In your case (only works of cites don't consist of two words, i.e. each word must be a city):
$city = str_replace(' ',"\n", $str); // generates 'London\nParis\nLisabona'
Or if possible build the string with \n instead of spaces from the beginning.
Update:
Escaped character sequences like \n are only processed in double quoted strings. They are taken literally in single quoted strings (with two exceptions). Read more in the documentation:
To specify a literal single quote, escape it with a backslash (\). To specify a literal backslash, double it (\\). All other instances of backslash will be treated as a literal backslash: this means that the other escape sequences you might be used to, such as \r or \n, will be output literally as specified rather than having any special meaning.
Thus, you have to declare your strings as
$cities = "London\nParis\nLisabona";
Further note:
Whenever possible avoid echoing HTML with PHP. It makes it more difficult to debug the HTML. Instead, embed the PHP into HTML like so:
<?php
$cities = "London\nParis\nLisabona";
?>
<textarea><?php echo $cities; ?></textarea>
<?php
$city = "London\nParis\nLisabona";
?>
<textarea rows="3" cols="20">
<?php echo $city; ?>
</textarea>
$city = str_replace(' ', "<br />", $city);
If you echo it in HTML.
<textarea><?= str_replace(" ", "<br />", $city); ?></textarea>
If you want "\n" to be converted to line breaks, you need to use double-quotes instead of single quotes.
i.e.
$foo = 'a\nb\nc\n';
echo $foo;
> a\nb\nc\n
$foo = "a\nb\nc\n";
echo $foo;
> a
> b
> c
works in <textarea> form me, lines might get soft-wrapped though (but that is expected)