Ok, I am using PHP to parse XML file and to display it;s context to HTML. Here is the code.
Sample text is - Don't Give UP!
$xml = simplexml_load_file('data/quotes.xml');
foreach ($xml as $quote) {
$text = $quote->text;
echo '<div class="itemWrapper">'.
'<div class="quoteHolder">'.
'<p class="quote">'.$text.'</p>'.
'</div>'.
'<form class="selectionButtons">'.
"<input type='hidden' value='$text' name='quote'>".
'<input class="submitButton" type="button" value="create your design">'.
'</form>'.
'</div>';
}
So, when I use $text variable in paragraph it display's correctly, But when I pass it to the form's hidden field I only get: Don (so it stops right before that single quote) It happens with every text that has quotes. Why is that and what is wrong here?
try to use this one...
$this_text = "Don't give up!";
$text = htmlspecialchars($this_text, ENT_QUOTES);
echo "<input type='text' value='$text' />";
I have tested in already..
HTML input fields require that the contents be escaped. Conveniently, PHP has a function that does all the work for you:
$display_text = "Don't give up!";
$input_text = htmlspecialchars($text);
Reference
Related
I'm trying to build a comment system, each comment has a unique id, many comments can be associated with a post, and each post has a unique id. I want to pass the post id to a submit.php file (where comments are update to the database), but no matter what I tried I just can't pass the data. Currently I have something like this:
$sql="SELECT postid,post,pdate FROM posts";
$result = mysql_query($sql);
while($row = mysql_fetch_array($result)) {
echo '$row["post"]';
echo '<form action="submit.php" method="POST">';
echo '<input name="comment" type="text" id="comments"></input>';
echo '<input type="hidden" name="id" value="$row["postid"]" />';
echo '<input type="submit" value="enter comments" />';
}
?>
for testing purpose I have submit.php as follows,
<?php
$ha=$_POST['id'];
echo $ha;
?>
data of postid is not passed, and I just got "$row[" as output.
inside the while loop if I say $haha=$row["postid"]; echo "$haha"; then each individual post id will be printed correctly, but I just cannot pass the data to submit.php file.
update: I just changed my code to :
echo '<input type="hidden" name="id" value="' . $row["postid"] . '" />';
Now a number is succesfully passed to submit.php, the problem is ,it's always "3". My post id ranges from 3 to 13, post with id=3 is at the bottom of the page and post with id=13 is at the top.However,if I write a comment at the post with id=13(same issue occur to other posts as well), after clicking submit, the data passed to submit.php is always 3. Is there something wrong with the while loop?
Another update: it's always 3 because i forget to close the form tag, now everything worked perfectly
you're using single quote, so you cannot insert variables inside of string, use
echo '<input type="hidden" name="id" value="' . $row["postid"] . '" />';
In PHP, you can wrap a string in single-quotes ('), or double quotes (").
When you use single quotes, the string is not interpreted - this means that all the characters are left intact, and no variables are parsed.
When you use double quotes, any variables in the string will be replaced with their value.
In your case, you're using single quotes, so your variable is not being interpreted and converted. Instead, use double quotes:
$sql="SELECT postid,post,pdate FROM posts";
$result = mysql_query($sql);
while ($row = mysql_fetch_array($result)) {
echo $row["post"];
echo '<form action="submit.php" method="POST">';
echo '<input name="comment" type="text" id="comments"></input>';
echo "<input type=\"hidden\" name=\"id\" value=\"{$row["postid"]}\" />";
//Alternatively, keep the single quotes and use the concatenation method:
//echo '<input type="hidden" name="id" value="' . $row["postid"] . '" />';
echo '<input type="submit" value="enter comments" />';
//Also, if you're opening a form tag in this loop, be sure to close it
echo '</form>';
}
Some other things to note:
When you use double quotes to wrap your string, and you have double quotes inside your string, you must escape them (using a \). Notice name="id" became name=\"id\"; and
When referencing an item in an array within a string, you can either use string concatenation to ensure the full variable is interpreted correctly (value=\"" . $row["postid"] . "\"), or you can leave the variable in place and wrap it in curly brackets - which is my preference and is what is used above. If you're going to use the concatenation method, then you can keep the single quotes wrapping everything else - there are no variables to parse.
When echoing a variable value, you don't need to wrap it in anything - notice I removed the quotes from the first echo.
Here is PHP's documentation on strings, including single and double quoted strings: http://php.net/manual/en/language.types.string.php.
And here is PHP's documentation on string operators: http://php.net/manual/en/language.operators.string.php.
Try adding a conditional at the start of your file like this just to be sure the form is actually submitted properly:
<?php
if(isset($_POST['submit_form'])) {
$ha=$_POST['id'];
echo $ha;
}
with your button like this
<input type="submit" value="enter comments" name="submit_form"/>
and please close your form tag.
You can pass value as follow,
echo '<input type="hidden" name="id" value="' . $row["postid"] . '" >';
I have a json variable and I want to post it as a json format.
$json_value = json_encode($my_array);
...
echo '<input name="myvalue" type="hidden" value="'.$json_value.'" />';
...
in my function :
$posts = $this->input->post();
echo $posts['myvalue'];
but it is empty .
my form works correctly as I can fetch other values of inputs .
Change Your input to use single quotes inside
echo "<input name='myvalue' type='hidden' value='$json_value' />";
since you are using double quotes inside and $json_value also has double quotes so there is a conflict.
json_encode encoded values have quotes. So your hidden element value will break when first quote appears. There are some other methods to send php array using forms. I am adding one method here.
//On html side
foreach($my_array as $value) {
echo '<input name="myvalue[]" type="hidden" value="'.$value.'" />';
}
//On posted server side
$posts = $this->input->post();
$my_array = $posts['myvalue']; //<-- you can get your array here
I'm loading a variable from a database like:
$adres = $row['adres']; //(= "Hoge Filterweg")
Then using it in a echo like:
echo input type='text' name='adres' value='{$adres}'
It displays on the form only the first part of the adress ( "Hoge"), but not the whole adress.
What could I do now?
Single quotes surrounding the inline variable like value='{$adres}' dit the trick.
thanks
You need double quotes to pass params with space.
This code should help you:
echo "<input type=\"text\" name=\"adres\" value=\"{$adres}\" />"
So I'm iterating through a set value via a for loop, which will echo html input fields, every other echo'd html input field behaves as expected (including the name and id fields of the one below), however I keep getting syntax errors when trying to set the value as a postback to retain them on page submit.
Here is my code:
$type = "number".$i;
echo '<input type="text" name="'.$type.'" id="'.$type.'" value="'.<?php if (isset($_POST[$type])) { echo $_POST[$type]; } else { echo NULL;}.'" />';
Thanks in advance.
You have an extra <?php statement in the row. Since the line is echo '...'. you don't need to declare that more php code is coming. You can do something like this instead:
echo '<input type="text" name="'.$type.'" id="'.$type.'" value="';
if (isset($_POST[$type])) echo $_POST[$type];
echo '" />';
Although personally, I prefer to do something like <input [...] id="{$type}" [...]" outside of the php code, less messy.
my code starts with multiple php arrays with XML data being passed through multiple checkboxes in the following way($i cycles through items in XML doc, values pass specific data in row i that is selected):
$MoneyLine = $event->periods->period[0]->moneyline; //background info
$AwayMoneyLine[] = $MoneyLine->moneyline_visiting; //background info
<input type='checkbox' name='AwayMoneyLine' value='$Date[$i];$AwayRotNum[$i];$AwayParticipantName[$i];$ATotalPoints[$i]'/>
On my next page, I pass the variables in the following manner, but they are not resulting on the next page.:
if(isset($_POST['AwayMoneyLine'])){
foreach($_POST['AwayMoneyLine'] as $value) {
$d = explode(';',$value);
echo '<input type="hidden" name="hidden[]" value="$d[0];$d[1];$d[2];$d[3];$d[4]">';
Here is how I'm attempting to get the data on the next page. Any suggestions on how I can pass the variables through to this page? On the form (also on var_dump of $d), I get $d[0], $d[1], etc. Any help is greatly appreciated!:
foreach($_POST['hidden'] as $value) {
$f = explode(';',$value);
echo 'Here is your following bet:';
echo '<table cellpadding="0" cellspacing="0" border="1" bordercolor="#585858" width=100%>';
echo "<tr><td>$e[0]</td><td>$f[0]</td><td>$f[1]</td><td>$f[2]</td><td>$f[3]</td><td>$f[4]</td></tr>";
}
echo '</table>';
Change the code to:
echo "<input type=\"hidden\" name=\"hidden[]\" value=\"$d[0];$d[1];$d[2];$d[3];$d[4]\">";
$d[0];$d[1];$d[2];$d[3];$d[4] will not be printed as you put inside single quote. You should use double quote and escape attributes like type=\"hidden\", name=\"hidden[]\", etc.,
eg:
<?php
$name = 'foo';
echo "$name";
echo '<br />';
echo '$name';
?>
Output:
foo
$name
use $serial=serialize($array);
echo "<input type=\"hidden\" name=\"hiddenfield\" value=\"<?php echo$serial; ?>">";