Monday, June 3, 2024
Homepage · php
 Popular · Latest · Hot · Upcoming
132
rated 0 times [  136] [ 4]  / answers: 1 / hits: 31049  / 13 Years ago, wed, april 13, 2011, 12:00:00

There are many questions about escaping single and double quotes but I have had no luck finding an answer that solves my particular problem.



I have a PHP function that dynamically returns an image with an onClick event that calls a Javascript function with the name of an object as an argument like so:



$response = <img src=images/action_delete.gif onClick=confirmDelete(' . $event->getName() . ')/>;


The Javascript function should display a confirmation dialogue at some point like this:



confirm('Delete event ' + name + ' ?')


How should I format $response in PHP to make sure the Javascript confirm won't mess up when the user enters a name containing ' or or ' or ?


More From » php
 Answers
10

You could escape any quotes in php using htmlspecialchars or htmlentities, however this doesn't solve the issue of single quotes, even if ENT_QUOTES is set.



Doing a little testing I see the following should work, although it may not be very elegant:



$name = htmlentities(str_replace(', ', $event->getName()));

$response = <img src=images/action_delete.gif onClick=confirmDelete(' . $name . ')/>;


Hope that helps


[#92762] Tuesday, April 12, 2011, 13 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
tyreese
Add To Favorites
Follow
Total Points: 739
Total Questions: 95
Total Answers: 98
Location: Belize
Member since Mon, Jun 20, 2022
2 Years ago
tyreese questions
Thu, May 12, 22, 00:00, 2 Years ago
Sun, Jan 9, 22, 00:00, 2 Years ago
Sat, Dec 11, 21, 00:00, 3 Years ago
Wed, Sep 2, 20, 00:00, 4 Years ago
Sat, Jul 11, 20, 00:00, 4 Years ago
View All
;