I am using fusion maps in one of my application.
In one of the example i have to pass the value from one map to another charts,
I am facing one problem if the data passed is numeric its displaying alert message correctly but if it is a string it generates an error:
NM is not defined
javascript:alert(NM)()
My code is as below:
$strXML .= "<entity id='" . $rs1['Internal_Id'] . "' value='" . round((($rs1['datap'] / $sumdata) * 100),2) . "' link='javascript:alert(".($rs1['Internal_Id']) . ")' />";
If i change the link part (passing single quotes in alert)that is:
$strXML .= "<entity id='" . $rs1['Internal_Id'] . "' value='" . round((($rs1['datap'] / $sumdata) * 100),2) . "' link='javascript:alert('".($rs1['Internal_Id']) . "')' />";
It displays invalid xml data.
Please help me on this
Thanks
Pankaj
Use \" rather than ' to surround the JavaScript string.
$strXML .= "<entity id='" . $rs1['Internal_Id'] . "' value='" . round((($rs1['datap'] / $sumdata) * 100),2) . "' link='javascript:alert(\"".($rs1['Internal_Id']) . "\")' />";
What is happening is that the xml produced is like so:
<entity id='NM' value='1' link='javascript:alert('NM')'/>
Which as you should be able to see from SOs syntax highlighting ends the value for the link attribute after javascript:alert(' as you are using the same quotes for the javascript as you are using for surrounding the attribute values.
Using a different quote (" rather than ') doesn't end the attribute value (again see the syntax highlighting)
<entity id='NM' value='1' link='javascript:alert("NM")'/>
In PHP we have to escape the quote (Using \) so it isn't interpreted as a special character by the php interpreter and used to end the string, which is why in php you have to write \"
You should change your
ink='javascript:alert('".($rs1['Internal_Id']) . "')'
by
ink='javascript:alert(\"".($rs1['Internal_Id']) . "\")'
Try:
$strXML .= "<entity id='" . $rs1['Internal_Id'] . "' value='" . round((($rs1['datap'] / $sumdata) * 100),2) . "' link='javascript:alert(\"".($rs1['Internal_Id']) . "\")' />";
Basically escaping your alert quotation marks :)
Related
I have a php file that is receiving some checkbox values from a form. Both the checkbox name and value are set up to match an Item_Name field in a mysql table. My current attempt is below:
while($row = $items->fetch_assoc()){
if( isset($_POST[$row['Item_Name']])) {
\\ Code to perform if true, mostly echoes
}
}
//Checkbox setup:
echo "<input type='checkbox' name=" . $row['Item_Name'] . "value=" . $row['Item_Name'] . ">"
$items is the data returned by my query of the mysql table. Currently none of the echoes inside the if are triggering so I think something is wrong with my if statement, but I'm to new to php to know what is wrong exactly.
Your problem is in your checkbox setup; you are missing quotes around the name and value attributes. Try this instead:
echo "<input type='checkbox' name=\"" . $row['Item_Name'] . "\" value=\"" . $row['Item_Name'] . "\">";
I have a page that is running an SQL query. I am displaying information for each row that the query results in. I am now trying to implement a way to update the information for the things being displayed.
My understanding is that in order to get information from one page to another you need to use sessions.
My code is displaying the information from the MySQL tables, then underneath it is giving the user the choice to edit the information in a form then send it to another file
One way of easily doing this is to use <input type="hidden"> so that you can include $row['Toy_ID'] in your form.
Something like this:
$row = $result->fetch_assoc();
while ($row){
echo "Toy Name: " . $row['Toy_Name'] . "<br>" .
"Store Name: . $row['Store_Name'] . "<br>" .
"Cost: " . $row['Cost'] . "";
echo "<form action='update.php' method='post'>" .
"<input type='hidden' name='toyid' value='".$row['Toy_ID']."'>" . // here's the hidden input, which you can call by using `$_POST['toyid']`
"<label>Toy Name: </label><input name='tname'; value='" . $row['Toy_Name'] . "'><br>" .
"<label>Store Name: </label><input name='storename'; value='" . $row['Store_Name'] . "'><br>" .
"<label>Cost: </label><input name='cost'; value='" . $row['Cost'] . "'><br>" .
"<input type='submit' value='Submit'>" .
"</form></div><br><br>";
$row = $result->fetch_assoc();
}
Then change your query to make use of $_POST['toyid'] instead of $_SESSION['toyid']
I use Microdata attributes in HTML code.
How can I add Microdata attributes to the following tag (PHP)?
if (!empty($speciality)) {
echo "<p><strong>" . __('Speciality', 'framework') . "</strong><span>" . $speciality . "</span></p>";}
The page will not load when I enter the following way :
echo "<p itemscope itemtype="https://schema.org/medicalSpecialty"><strong>" . __('Speciality', 'framework') . "</strong><span itemprop="medicalSpecialty" >" . $speciality . "</span></p>";
you are using double quotes in a double quotes which is wrong, use backslash or single quote when you need.
Try This code
echo "<p itemscope itemtype='https://schema.org/medicalSpecialty'><strong>" . __('Speciality', 'framework') . "</strong><span itemprop='medicalSpecialty' >" . $speciality . "</span></p>";
You're mixing single and double quotes but you need to reserve either single or double quotes to escape the string so that your PHP isn't read as HTML when echoed. The below snippet will work without any errors:
if (!empty($speciality)) {
echo "<p itemscope itemtype='https://schema.org/medicalSpecialty'><strong>'".
__('Speciality', 'framework') . "'</strong><span itemprop='medicalSpecialty'
>'" . $speciality . "'</span></p>";
}
This appears right to me but it is incorrect (code hint coloring around '{$row["type"]}' is wrong wrong -- from the color it is in my IDE it's been considering a string, and it's throwing an error when i run it in the browser). I've spent hours trying to figure this out on my own to no avail. Any help would be greatly appreciated.
echo "<select selected = '{$row["type"]}' name='expense[" . $id . "][type]' >" . $type_options . "</select>";
When using arrays in strings, you can't use quotes. Just skip them.
echo "<select selected = '{$row[type]}' name='expense[" . $id . "][type]' >" . $type_options . "</select>";
Your quotes arren't right.
echo '<select selected ="'.$row["type"].'" name="expense['.$id.'][type]">'.$type_options.'</select>';
You currently have a problem with unescaped double quotes terminating your string. My suggestion would be to use the more standard double-quotes for your HTML element properties, and use single quotes to delineate your strings, with variable concatenated. Liek this:
echo '<select selected = "' . {$row["type"]} . '" name="expense[' . $id . '][type]">' . $type_options . '</select>';
or for even better readability, use printf
$format = '<select selected = "%s" name="expense[%d][type]">%s</select>';
printf($format, $row['type'], $id, $type_options);
$type_options = "options";
echo $type_options;
Have you not tried this?
echo "This works: {$row['type']}";
Your code wont work because you have an empty string before you echo your variable.
echo "#EMPTY STRING HERE!" . $type_options . "#EMPTY STRING HERE!";
Why are you doing that?
Use this
echo $type_options;
Or even this if you want content in your string
echo "Content" . $type_options . "Content";
This is my PHP/MySQL script:
<?php
mysql_connect('localhost', 'root', 'test') or die (mysql_error());
mysql_select_db('info1') or die (mysql_error());
$result = mysql_query("SELECT * from automobiles");
//Table starting tag and header cells
while($row = mysql_fetch_array($result)){
//Display the results in different cells
echo "<dd><dl><img src=' " . $row['image'] . " '>" . $row['manufacturer'] ." " . $row['model'] . "</dd></dl>";
echo "<dd><dl>" . $row['carinfo'] . "</dd></dl>";
}
//Table closing tag
echo "</table>";
?>
However, would it work if I did it this way:
{$myvariable}
Is it a good idea to code the variables with the braces, or as:
echo " . $row['variable']. "
Any help is appreciated, thanks!
You can do this:
echo "<dd><dl>{$row['carinfo']}</dd></dl>";
You cannot do this:
echo "<dd><dl>$row['carinfo']</dd></dl>";
This also wont work:
echo '<dd><dl>{$row['carinfo']}</dd></dl>';
Your output would actually be:
<dd><dl>{$row[ SOME PHP ERROR
This is due to using single quotes instead of double quotes. And the error would be because you did not escape the single quotes inside the variable.
If you did this:
echo '<dd><dl>{$row["carinfo"]}</dd></dl>';
Your output would actually be:
<dd><dl>{$row["carinfo"]}</dd></dl>
For the same single quote vs double quote reasoning.
I personally prefer using the " " . $row['variable']. " " syntax because it's easier to read code, specially if you have a code syntax highlighter. But using this syntax is acceptable: "{$var['field']}".