simple problem baffling me...
i have a function:
function spitHTML() {
$html = '
<div>This is my title</div>\n
<div>This is a second div</div>';
return $html
}
echo $spitHTML();
Why is this actually spitting out the \n's?
Backslashes used in single quote strings do not work as escape characters (besides for the single quote itself).
$string1 = "\n"; // this is a newline
$string2 = '\n'; // this is a backslash followed by the letter n
$string3 = '\''; // this is a single quote
$string3 = "\""; // this is a double quote
So why use single quotes at all? The answer is simple: If you want to print, for example, HTML code, in which naturally there are a lot of double quotes, wrapping the string in single quotes is much more readable:
$html = '<div class="heading" style="align: center" id="content">';
This is far better than
$html = "<div class=\"heading\" style=\"align: center\" id=\"content\">";
Besides that, since PHP doesn't have to parse the single quote strings for variables and/or escaped characters, it processes these strings a bit faster.
Personally, I always use single quotes and attach newline characters from double quotes. This then looks like
$text = 'This is a standard text with non-processed $vars followed by a newline' . "\n";
But that's just a matter of taste :o)
Because you're using single quotes - change to double quotes and it will behave as you expect.
See the documentation for Single quoted strings.
Change ' to " :) (After that, all special chars and variable be noticed)
$html = "
<div>This is my title</div>\n
<div>This is a second div</div>";
Related
I have a $_GET[q] from the URL. I am trying to ECHO the search term back into the search box. Sometimes people might submit queries encapsulated in quotes and in these cases the ECHO interprets the search term
ECHO $_GET[q];
as:
ECHO ""search term"";
and as a result I get a blank search box. Search queries with a single quote, like: Peter's house, work fine.
When I use:
mysqli_real_escape_string($conn, $_GET[q])
I only get a backslash in the search box.
How could I populate the search box with a search term encapsulated in double quotes?
You could also use:
echo str_replace('"','',$_GET[q]);
This will of course remove all double quotes, so if they may be valid somewhere in the search term then better might be:
echo str_replace('"','"',$_GET[q]);
Haven't tested this but this might also work:
echo html_entity_decode(htmlentities($_GET[q))
You could use addslashes
like this:
$t = 'peter "pan"';
echo addslashes($t); // outputs: peter \"pan\"
You can try:
$str = "Hello World!";
echo $str . "<br>";
echo chop($str,"");
Ouptput:
Hello World
Explanation:
The chop() function, helps you chop off the quotes anyone might add to string.
You can manipulate as appropriate for your code.
$str = preg_replace( '["|\']','', $_REQUEST['q'] );
echo( $str ); //no double, no single quotes, faster than str_replace when you have to make more than 1 call to str_replace
or...
$str = str_replace( '"','', $_REQUEST['q'] ); //no double quotes, faster than preg_replace when you only make one call to str_replace
echo( $str ); //no double quotes
I am trying to go through the array string I called out from database and filtered to a readable state. The string could have a lot of \' and \", below is just an example.
$content = 'It\'s go to somewhere \"GREAT\"!';
I am trying to use str_replace but it is not working...
$content1= str_replace('\\\'', "'", $content );
$newcontent= str_replace('\\\"', '"', $content1 );
Output should be
It's go to somewhere "GREAT"!
instead.. I get
It\'s go to somewhere \"GREAT\"!
I looked at preg_replace, but I don't quite get all the /.. or where to start on it.
Please help.
Here's how
$content = 'It\'s go to somewhere \"GREAT\"!';
$content = stripslashes($content);
echo $content;
What you want to use is stripslashes($str).
Returns a string with backslashes stripped off. (\' becomes ' and so on.) Double backslashes (\) are made into a single backslash ().
$str = "Is your name O\'reilly?";
// Outputs: Is your name O'reilly?
echo stripslashes($str);
Let's say this is my script down here, as you can see I've used multiple " and '. These quotations conflict in ending the current php variable, so it basically sees this:
$message = "<?php echo '<div class="
As a string, whilst the quotation is only to define the class, not to end the variable. I've tried using ' but then it conflicts with the echo, so I'm kinda stuck at the moment.
<?php
$message = "
<?php
echo '<div class="gebruiker">';
$fh = fopen('_gebruiker.txt','r');
while ($line = fgets($fh)) {
echo($line);
}
fclose($fh);
echo '</div>';
?>
";
**MORE PHP CODE HERE**
?>
How can I use multiple quotations in one PHP script without them having conflicts.
If you use single quotes outside, you need to escape all single quotes inside, but can use double quotes and the dollar char without escaping.
If you use double quotes outside, you need to escape all double quotes and dollar chars inside, but can use single quotes without escaping.
If you use a heredoc string, you need to escape dollar chars but can use both single and double quotes without escaping.
If you use a nowdoc string, you do not need to escape anything unless you have FOO; in the string at the beginning of a new line.
So the solution is to use a nowdoc string:
$message = <<<'EOF'
your stuff with " or ' or $ here!
EOF;
Adding a backslash so PHP can recognize just only double quotes or quotes when escaped.
Example:
echo "<div class=\"gebruiker\">";
I suggest using either Heredoc or Nowdoc
Example
$foo = 'test';
// Heredoc
$here = <<<HERE
I'm here, $foo!
HERE;
// Nowdoc
$now = <<<'NOW'
I'm now, $foo!
NOW;
Heredoc will print the contents of $foo when echoed while Nowdoc will simply echo $foo.
In the references I added below you can do more reading up on this subject.
References:
php.net - strings
stackoverflow - advantages of heredoc vs nowdoc
You can escape the quotes with a slash character like so: \"
This should work, you can't open Php tag without closing before.
<?php
$message = '<div class="gebruiker">';
$fh = fopen('_gebruiker.txt','r');
while ($line = fgets($fh)) {
$message .=$line.'<br/>';
}
fclose($fh);
$message.='</div>';
echo $message;
**MORE PHP CODE HERE**
?>
I have these two lines that I would like to escape the $type variable:
$functionName = str_replace('-', '_', $type);
$output .= '<div class="tab-pane" id="'. $type .'">';
I tried escaping like below but its confusing me and not sure whether thats right:
$output .= '<div class="tab-pane" id="\'. $type .'\">';
Example 1: Variable between single quotes
If you use single quotes everything between them will always be treated as part of the string.
$output .= '<div class="tab-pane" id="' . $type . '">";
Example 2: Variable between double quotes (option 1)
If you have a variable that you want to pass in a string you can just put it in there if you use double quotes and de variable is nog 'touching' the other words. It should always have spaces.
$output .= "<p>i would like to $your_text_here with you.</p>";
Example 3: Escaping quotes in a string
Escaping characters in a string can be done by using a \ (backslash) before the character you want to escape.
$output .= "<div class=\"tab-pane\" id=\"example-id\">";
Example 4: Variable between double quotes without spaces next to it
You can place your variable between {} braces if you use double quotes (option 2)
$output .= "<div class=\"tab-pane\" id=\"{$type}\">";
This question was however already answered in Mixing PHP variable with string literal
Your first block is doing string replacements, but then you use the ORIGINAL string, not the replaced one:
$output .= '<div class="tab-pane" id="' . $functionName . '">';
would be more correct. On the second one, you're escaping the ' quotes, which means that you never terminate the string, meaning that the . $type . portion is treated as plaintext within the string, not a PHP concatenation operation. Try
$output .= '<div class="tab-pane" id="' . $type . '">';
instead. note the LACK of backslash escapes.
And of course, you could use a HEREDOC, eliminating any need to escape quotes entirely:
$output .= <<<EOL
<div class="tab-pane" id="{$functioName}">
EOL;
In this case, you don't need to escape at all. You only escape within the same type of quotes. You don't escape double inside single or single inside double.
So with 'o'reilly' you would escape like 'o\'reily'. But with "o'reilly" you'd just keep it as "o'reilly". But with "He said "hello"" you'd escape "He said \"hello\"". Yet, with 'He said "hello"' you would not escape at all.
But if your $type variable can contain double quotes, you will need to consider that to prevent your HTML from being broken in that case. How you would handle the quotes inside the variable $type would be by replacing the " with its HTML entity equivalent:
$output .= '<div class="tab-pane" id="' . str_replace('"', '"', $type) . '">';
Or use htmlentities() which will do the same replace as well as others.
Note, its the double quotes inside the variable you would want to handle, not to escape the single quotes outside. Because presumably the issue is that if the variable contained double quotes it would break your HTML since you are using double quotes around the value for id:
i.e. id="contents_of_type_variable"
If you had id="contents"_of_type_variable" your HTML would be broken.
So you change that to id="contents"_of_type_variable"
If you're trying to escape something else, it is due to a misunderstanding.
i'm using php on_start and ob_get_contents to echo html and store in a variable. However when I json encode and check the output it doesn't output the entire string. Could anyone help point out what I'm doing wrong
ob_start();
echo'<img src=\"images/editphotohover.png\"/>\"';
$photo = ob_get_contents();
ob_end_clean();
I get only get the ending anchor tag
in the json encode output
There is no need to escape double quotes here
echo'<a href=\"javascri...
just write this:
echo'<a href="javascri...
Double quotes are kept while in single quotes!
Additionally, note that escaping within single quotes has no effect:
"\t" renders as a TABULATOR character
'\t' renders as \t
The PHP documentation states this:
To specify a literal single quote, escape it with a backslash (\).
To specify a literal backslash before a single quote, or at the end of the string, double it (\\).
Note that attempting to escape any other character will print the backslash too.
Therefore, how about this code:
echo'<a href="javascript:pixlr.edit(
{ image: \'http://mywebite.com/uploads/$photo\',
title: \'' . $photoFileNameProper . '\',
service: \'express\',
exit:\'http://mywebsite.com/home\',
method: \'get\',
locktarget: \'true\',
target: \'http://mywebsite.com/plixr.php\',
locktitle: \'true\'
});"
id = "uploadedPhoto"
title = "click to enhance photo">
<img src="images/editphotohover.png"/>
</a>'
;