I have a textarea having text with linebreaks (enter key). I am assigning the textarea content to a Javascript variable using PHP as following:
var textareaContent = '<?php echo trim( $_POST['textarea'] ) ?>';
Example content in textarea:
this is line 1
this is line 2
this is line 3
Which is generating following Javascript error because of the line breaks:
Unterminated string literal
I tried using nl2br function in PHP which places <br/> tag in each line break but line breaks are still there and so the Javascript error.
Please advise
I think you should use something like this:
var textareaContent = '<?php echo trim(preg_replace("/\n/", '\n', $_POST['textarea'])); ?>';
this code will chanhe all line breaks to escape sequence \n
Related
I encoded an array using json_encode() function and it gave me a string like this..
"[{"details":"power - 2000w \nac-220-240v \/ 50-60hz\n369 degree cordless base\n","model_id":"MC-EK3428 \/ MC-EK3328"}]"
as you can see it contains special characters like "\n"..I want these special characters to be replaced with "" because in javascript I am using the JSON.parse(); function to convert this string to an object..
but it gives me an error
syntaxerror : missing ) after argument list
I think this is because of the special characters in the string..how can I escape these?
Edit
php :
$view->jsonencoded_array = json_encode($array);
javascript :
var products = JSON.parse('<?php echo $jsonencoded_array; ?>');//this line gives me the error
update :
found out that the error is given in this :
'<?php echo $jsonencoded_array; ?>'
The problem here is that \n (and various other combinations) have special meaning inside a JavaScript string, and you are dumping your JSON into a JavaScript string without doing any conversion of those characters.
Since JSON is heavily inspired by JavaScript literal syntax, you can use json_encode to convert a PHP string into a JavaScript string.
There are some gotchas, the main one being that </script> can appear in a JSON text without causing any problems, but having that in the middle of your JavaScript <script> element is going to cause the HTML parser to cut off your JavaScript in the middle of the string … but PHP's default encoding rules will generate <\/script> which solves that problem.
So:
<?php
$json_array = json_encode($array);
$javascript_string = $json_encode($json_array);
?>
var products = JSON.parse(<?php echo $javascript_string; ?>);
That said. A JSON array is also a JavaScript array, so you can skip that step entirely.
<?php
$json_array = json_encode($array);
?>
var products = <?php echo $json_array; ?>;
There must something that you are missing or there is some other reason for your issue while parsing in JavaScript; because json_encode handles \n and other special characters such " \ etc. very well and escape them properly without any explicit work.
I would suggest you to check the JSON produced and you are supplying to JavaScript and see if there is something missing in between.
Note: You can do a str_replace but it is not advised. Better stick to json_encodesince its s standard function and it works well.
Edit:
You should be echoing $view->jsonencoded_array not just $jsonencoded_array, no need to parse already JSON object.
php :
$view->jsonencoded_array = json_encode($array);
javascript :
var products = <?php echo $view->jsonencoded_array; ?>;
json_encode() twice helped me to solve this issue..
$view->jsonencoded = json_encode(json_encode($array));
I create a link executing javascript if clicked. (And a div popup is displayed containing the content of $test)
The php code looks like:
echo "<a ID=\"it_$idnr\" class=\"tooltip\" href=\"javascript:it_popup('it_$idnr','$test');\">"
The problem is that in some cases this code produces an error:
Syntax error: unterminated string literal
It seams to that it happens only if the $test contains special chars like new line or quotation marks.
How can I prevent this perfectly?
A simple search and replace is not a solution, because it should not change the result.
You can json_encode it to make it js safe and html encode it to make it html safe
echo "<a ID=\"it_$idnr\" class=\"tooltip\" href=\"javascript:it_popup('it_$idnr',".htmlspecialchars(json_encode($test)).");\">"
I need to do the following:
<?php
$userContentFromDatabase = 'Some string that may contain "double quotes" ';
?>
<script type="text/javascript">
var userContent = "<?= $userContentFromDatabase ?>";
</script>
How can I avoid the double quotes from interfering with the JavaScript code?
Use json_encode() on the PHP side and return an object as this will take care of all of the slashes and what not that might break your code.
Or just add slashes using str_replace() if you think that the only problem area will be the double quotes.
You need more escaping than that if you want to safely output user data in a javascript variable. See rule 3 https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.233_-_JavaScript_Escape_Before_Inserting_Untrusted_Data_into_JavaScript_Data_Values
$str is loading dynamic content from admin panel (tinymce) in following format
$str = 'First Line
Second Line
Third Line';
Now when i try to access this variable then it gives me unterminated string literal
<script type="text/javascript">
$(document).ready(function() {
var a = '<?php echo $str;?>';
$('#abc').html(a);
});
</script>
<div id="abc"></div>
when i convert string to $str = 'First line Second line Third line'; then it does not give error but my string is in above way.
When dumping a PHP variable into JavaScript, ALWAYS use json_encode. Like this:
var a = <?php echo json_encode($str); ?>;
Note no quotes around the PHP code, this is important! PHP will add the quotes for you and escape everything correctly.
It's the line breaks, they're not valid inside a JavaScript string literal. If you want multiple lines in a JavaScript string, use a backslash (\):
var testString = 'This is \
a test';
Even then, multiple whitespace (including linebreaks) will be removed when it's set as the content of an HTML element.
That said, I don't see why you're using the JavaScript to do this at all, you could simply do:
<div id="jaspreet"><?php echo $str;?></div>
I have a JavaScript code that can replace new lines with %0D%0A
I need the same code in PHP.
This is how my JavaScript code looks like:
text = text.replace(/\n\r?/g, '%0D%0A');
I tried with PHP but I am getting only one line without newlines.
You don't need regular expressions for that. Simple string replacement will be enough.
Use str_replace function:
$test = 'Some very long text with multiple lines...';
$newText = str_replace(PHP_EOL, '%0D%0A', $text);
New line character differs in various systems. It's not a good idea to hard-code \n\r. Better solution is to use PHP_EOL constant.
a literal translation of your java code into php could use preg_replace
http://www.php.net/preg_replace
<?php
$text = "some text";
$text = preg_replace("\r\n","%0D%0A",$text);
?>