Convert ' and " inside a string to be used inside a variable. (Javascript) - javascript

can someone help me with this please. I need to get this stored in a variable as a long string. I have a function called that simple inserts this into the DOM appended to another div. Everything works perfectly fine except I cant work out how to store this string with all the 's and "s inside it. I have tried using \ and unescape methods i have found in my search but cant seem to get anything to work. Can anyone help me out please?
'<div class="centerContent"><P>Please fill in the form below to send an email to H.O.V.A.R.<br/>All fields are required.</p><?php if(!empty($errors)): ?><div class="errorPanel"><ul><li><?php echo implode('</li><li>',$errors); ?></li></ul></div><?php endif ?><form action="contact.php" method="post" accept-charset="utf-8"><label>Your Name:<input type="text" name="name" style="display:block" autocomplete="off"<?php echo isset($fields['name']) ? 'value="' . e($fields['name']) . '"' : '' ?>></label><label>Your email address:<input type="text" name="email" style="display:block" autocomplete="off"<?php echo isset($fields['email']) ? 'value="' . e($fields['email']) . '"' : '' ?>></label><label>Your Message:<textarea name="message" rows="10" style="display:block"><?php echo isset($fields['message']) ? e($fields['message']) : '' ?></textarea></label><input type="submit" value="Send" style="display:block"></form></div>'

Although the following shows how to escape quotes, having such a long string is quite unwieldy and it's unclear what you are trying to ultimately achieve...
Also, as you are also attempting to insert content from PHP, this will also need to be escaped in a similar fashion.
var HTML = "<div class=\"centerContent\"><P>Please fill in the form below to send an email to H.O.V.A.R.<br/>All fields are required.</p><?php if(!empty($errors)): ?><div class=\"errorPanel\"><ul><li><?php echo implode('</li><li>',$errors); ?></li></ul></div><?php endif ?><form action=\"contact.php\" method=\"post\" accept-charset=\"utf-8\"><label>Your Name:<input type=\"text\" name=\"name\" style=\"display:block\" autocomplete=\"off\"<?php echo isset($fields['name']) ? 'value=\"' . e($fields['name']) . '\"' : '' ?>></label><label>Your email address:<input type=\"text\" name=\"email\" style=\"display:block\" autocomplete=\"off\"<?php echo isset($fields['email']) ? 'value=\"' . e($fields['email']) . '\"' : '' ?>></label><label>Your Message:<textarea name=\"message\" rows=\"10\" style=\"display:block\"><?php echo isset($fields['message']) ? e($fields['message']) : '' ?></textarea></label><input type=\"submit\" value=\"Send\" style=\"display:block\"></form></div>";
console.log(HTML);

Since your string starts with single quote, you need to escape every single quote during the time you are building the string (if you were starting the string with double quote you had to escape the double qotes). I.e inside the string every single quote needs to be escaped by a back-slash in front of it (like so: \'). You cannot do this when using the string, since PHP and/or Javascript will complain about the string having illegal tokens.
When you do so, you can echo it in PHP, but since it is a string it will not give you the result you wanted. You'll either get a distorted form or an error depending on the technique used.
This all boils down to having PHP calls in the string. What you therefor should do is eliminating the php calls in your string. So insted of entering "<?php .... ?>" in the string you should enter the outcome of the PHP call into the string.

Related

get the value of a php variable in an input using javascript

I want to concatenate the value of my variable $variable with the value of my input using javascirpt
$variable= file_get_contents('./env.txt');
<select id="customer_id" name="customer_id" w300 required pj-chosen" data-msg-required="<?php __('lblFieldRequired');?>" onchange="document.getElementById('title').value=this.value + 'P' + **$variable**">
...
<input type="text" name="title" id="title" class="pj-form-field w400 required" data-msg-required="<?php __('lblFieldRequired');?>" data-msg-remote="<?php __('lblTitleUsed');?>" value=""><script></script>
Ok so why not echo out the variable?
PHP:
onchange="document.getElementById('title').value=this.value + 'P' + '<?php echo addslashes($variable) ?>'">
The addslashes call will escape quotes against security problems.
If $variable does not change a more elegant way is to make the $variable a JavaScript variable and then use it normally. This makes the JavaScript part more readable, but of course other programmers will have to be aware that you add that variable via PHP.
PHP:
// somewhere at the beginning of your body tag:
<script>
window.variable = '<?php echo addslashes($variable) ?>';
</script>
HTML:
<... onchange="document.getElementById('title').value=this.value + 'P' + window.variable" />
I wrote this off the top of my head - please tell if this worked as I intended.
On the line below you've already got some PHP inline in the HTML, outputting values into those data attributes.
For $variable you can follow much the same pattern as that, except you'll need to explicitly echo the variable so it gets embedded into the JavaScript (I assume those other functions echo within them, removing the need for another one):
onchange="document.getElementById('title').value=this.value + 'P' + '<?php echo addslashes($variable); ?>'"

Javascript String Parameter with space doesnt work

as the title already says I am calling a onclick method in php, but every string with a space in it seems to fail.
php (mysql loop)
echo '<img onclick=test("'.$row['name'].'","name'.$row['id'].'") src="blabla.png"/>';
javascript
function test(vali, id){
alert(vali); //Maria, Josef (but not "Michael Jackson")
alert(id); //name23, name28
}
As I said if its a string without a space, alert method is getting called and shows the text, however with at least one space nothing happens.
Your whole onclick handler needs to be quoted. You then need to also HTML-escape the quotes inside it.
echo '<img onclick="test("'.$row['name'].'","name'.$row['id'].'")" src="blabla.png"/>';
In the HTML this will then appear as
<img onclick="test("A Name With Spaces","name1")" src="blabla.png"/>
And the javascript part is ultimately decoded to
test("A Name With Spaces","name1")
You can use it like below
<img onclick='test("<?php echo $row['name']; ?>",name="<?php echo $row['id']; ?>")' src="blabla.png"/>

Javascript / Php : set textarea value

I have the following script, which returns 2 values from my database.
$(document).ready(function() {
<?
$link=new mysqli($serveur,$login,$pass,$base);
mysqli_set_charset($link, "utf8");
$r=mysqli_query($link, "select sujet,corps from mail where type='Création_rationnaire'");
while($row = mysqli_fetch_array($r)) {
?>
document.getElementById("sujet").value="<? echo $row[sujet];?>";
document.getElementById("te").value="<? echo $row[corps];?>";
<? }mysqli_close($link); ?>
});
Here are my 2 forms, one is a classic Input, the other is a textarea.
<input id='sujet' class="form-field">
<textarea id="te" class="textarea" rows="9" cols="70"></textarea>
The problem is : my SQL request works in MySQL, but when "corps" is echoed as above, nothing appears in the Inputs, like the script was crashing... Only "sujet" can be echoed successfully. So... why, just why ? Thanks in advance for whoever helps me.
EDIT : all I can echo in the "te" textbox is a single string like this : echo 'something';... but nothing else works...
Try this
document.getElementById("sujet").value="<? echo $row['sujet'];?>";
document.getElementById("te").text="<? echo $row['corps'];?>";
or if you use jquery
var message = <?php echo $row['corps']; ?>;
$("#te").val(message);
Textarea does not have a value but it does have text.
in an input box you would have <input type="text" value="example" /> and in a text area the value is inside the element like so
<textarea>example</textarea>
A other way is to use innerHtml (javascript) or html (jquery) .
But note that html tags will be display with one of these options
document.getElementById("te").innerHTML="<? echo $row['corps'];?>";
<textarea> doesn't have value property. Since you are using jQuery to bind document ready, you can use jQuery to set the value.
$("#sujet").val("<? echo $row[sujet];?>");
$("#te").html("<? echo $row[corps];?>");
What is the value of $row[corps]? Is it empty string? Does it contain double quote, or newline characters? If it contains any of them, it will break your javascript source code. What does javascript source code look like when you check source code inside the browser?
It works by inserting the values directly into the plain html forms. I usually use this javascript function because I have tons of forms to fill in my program, and it never failed until now... So my function above was good, but we still don't know why it failed in this particular case...
Problem solved anyways... thanks to everyone.

Apostrophes issu with php and jscript

I have this piece of code, which doesn't work, I couldn't find where is the problem?
$texttt = "blabla";
echo "<div onclick='select(\" page d \' accueil \");'>".$texttt."</div><br/>";
function select(text){
alert(text);
}
" is breaking your php statement
echo "<div onclick=\"select(' page d\' accueil ');\">\"Page d'accueil\"</div><br/>";
function select(text){
alert(text);
}
try to use addslashes and htmlentities to escape the quotes between text
$texttt = htmlentities(addslashes($text), ENT_QUOTES);
echo "<div onclick='select(\"$texttt\");'>$texttt</div><br/>";
Use single quotes for PHP. I use single quotes for PHP (which is server side script) and double quotes for client side scripts unless it is not obligatory.
echo '<div onclick="select(\'page d\'accueil\');">"Page d\'accueil"</div><br/>';
the problem is sourced by single quote in d'accueil:
I dont know if it is possible to escape a string which is located in another escaped string.
The possibilities:
You can change the grammar rules of your language:
Affects too many people.
Not applicable.
You can change the way of typing single quote: using ' in context.
I have typed a new code (which is working well) for you :
<?php
echo '<div onclick="select(this.innerHTML);">"Page d'accueil"</div><br/>';
?>
<script>
function select(text){
alert(text);
}
</script>
you should avoid useless quotes before you get lost inside.
"Page d'accueil" don't need to be between quotes so remove them.
Use one kind (single or double quotes) for the first level of quoting, and the other for the next levels, and keep that it mind.
<? php echo '<div onclick="select(\" page d\' accueil \");">Page d\'accueil</div><br/>'; ?>
<script type="text/javascript">
function select(text){
alert(text);
}
</script>
you can use heredoc syntax
refreence : http://www.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc
echo <<<EOT
My name is "$name". I am printing some $foo->foo.
Now, I am printing some {$foo->bar[1]}.
This should print a capital 'A': \x41
EOT;
also try this:
echo json_encode("<div onclick='select(" page d ' accueil ");'>{$texttt}</div><br/>");

proper onclick format

What is the proper way of doing this?
$chatterhtml .= '<span style="float:right;" >
x
</span>';
I am receiving an error in Firefox SyntaxError: syntax error deletecmnt(this, but this worked up until I changed from a input text to text area.
The problem is that you are using quotes to delimit your values in the javascript AND in your HTML. The result is something like:
onClick="deletecmnt(this, "0", "someurl.html");"
which is not valid. The onClick here becomes truncated to just onClick="deletecmnt(this, " and the rest is treated as invalid HTML attribute data
Instead, you should do something like:
$chatterhtml .= "<span style=\"float: right;\">" .
"x" .
"</span>";
Your Resultant HTML is not valid. You have double quotes within double quotes un escaped. Try this
$chatterhtml .= '<span style="float:right;" >x</span>';

Categories

Resources