Escaping

Hello,

I am trying to output HTML and JavaScript using PHP as the following:

<span style="float:right;">
<input type="button" value="Edit" onclick="startEditCategory('<?php
echo("{$categoryId}"); ?>', '<?php echo("{$categoryName}"); ?>');" />
</span>

The $categoryName variable can contain single and double quotes, so
how can I escape them?

Thanks.
ahmad [ Thu, 10 April 2008 21:44 ] [ ID #1940702 ]

Re: Escaping

On 10 Apr, 20:44, Ahmad <ah... [at] medicfusion.com> wrote:
> Hello,
>
> I am trying to output HTML and JavaScript using PHP as the following:
>
> <span style="float:right;">
> <input type="button" value="Edit" onclick="startEditCategory('<?php
> echo("{$categoryId}"); ?>', '<?php echo("{$categoryName}"); ?>');" />
> </span>
>
> The $categoryName variable can contain single and double quotes, so
> how can I escape them?
>

Also losing the syntactic overkill:

<input type="button" value="Edit" onclick="startEditCategory('<?php
echo htmlentities($categoryId); ?>', '<?php echo
htmlentities($categoryName); ?>');" />

C.
colin.mckinnon [ Thu, 10 April 2008 22:14 ] [ ID #1940705 ]

Re: Escaping

On Apr 10, 11:14 pm, "C. (http://symcbean.blogspot.com/)"
<colin.mckin... [at] gmail.com> wrote:
> On 10 Apr, 20:44, Ahmad <ah... [at] medicfusion.com> wrote:
>
> > Hello,
>
> > I am trying to output HTML and JavaScript using PHP as the following:
>
> > <span style="float:right;">
> > <input type="button" value="Edit" onclick="startEditCategory('<?php
> > echo("{$categoryId}"); ?>', '<?php echo("{$categoryName}"); ?>');" />
> > </span>
>
> > The $categoryName variable can contain single and double quotes, so
> > how can I escape them?
>
> Also losing the syntactic overkill:
>
> <input type="button" value="Edit" onclick="startEditCategory('<?php
> echo htmlentities($categoryId); ?>', '<?php echo
> htmlentities($categoryName); ?>');" />
>
> C.

That is right, but I don't want to convert all HTML special characters.
And how do I convert the variables back in the JavaScript function?
ahmad [ Thu, 10 April 2008 22:48 ] [ ID #1940709 ]

Re: Escaping

Ahmad wrote:
> <span style="float:right;">
> <input type="button" value="Edit" onclick="startEditCategory('<?php
> echo("{$categoryId}"); ?>', '<?php echo("{$categoryName}"); ?>');" />
> </span>
>
> The $categoryName variable can contain single and double quotes, so
> how can I escape them?

With htmlspecialchars().

BTW, do you actually know what "{$categoryId}" does? You provide an
array and tell PHP to parse it to find variables and replace them with
their values. That could make sense with stuff like "Hello, $name\n" but
not with an array that just contains a variable.



--
-- http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
-- My site about web programming: http://bits.demogracia.com
-- My site of bain-marie humor: http://www.demogracia.com
--
alvaroNOSPAMTHANKS [ Fri, 11 April 2008 09:29 ] [ ID #1940760 ]
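
Added example, not part of any post in this thread: the onclick value is decoded by the HTML parser before the JavaScript engine sees it, so the value has to be encoded as a JavaScript string literal first and as an HTML attribute second, and nothing needs converting back inside startEditCategory(). The helper names jsArgForAttribute() and asSeenByJavaScript() are hypothetical and the sample values are constructed.

```php
<?php
// Added example, not code from the thread.
// The handler text passes through two parsers: the HTML parser decodes the
// attribute value first, then the JavaScript engine parses the result.
// Encode in the reverse order: JavaScript string literal, then HTML attribute.

function jsArgForAttribute($value): string
{
    // JSON_HEX_* emits \u0027, \u0022, \u003C, \u003E and \u0026 instead of
    // the raw characters, so the literal carries no HTML-significant bytes.
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $literal = json_encode((string) $value, $flags);
    if ($literal === false) {
        throw new InvalidArgumentException('value is not valid UTF-8');
    }
    // The literal's surrounding double quotes become &quot; in the attribute.
    return htmlspecialchars($literal, ENT_QUOTES, 'UTF-8');
}

// What the JavaScript engine receives once the attribute has been decoded.
function asSeenByJavaScript(string $attributeValue): string
{
    return html_entity_decode($attributeValue, ENT_QUOTES, 'UTF-8');
}

$categoryId   = 7;                         // constructed sample
$categoryName = 'Kids\' "Toys" & Games';   // constructed sample

// HTML escaping alone, inside hand-written '...' as in the thread's markup.
$htmlOnly = "startEditCategory('"
          . htmlspecialchars($categoryName, ENT_QUOTES, 'UTF-8') . "');";

// Both layers; the quotes come from json_encode(), not from the template.
$both = 'startEditCategory(' . jsArgForAttribute($categoryId) . ', '
      . jsArgForAttribute($categoryName) . ');';

echo "HTML-only attribute : ", $htmlOnly, "\n";
// The decoded apostrophe closes the JavaScript string early.
echo "  JavaScript sees   : ", asSeenByJavaScript($htmlOnly), "\n";
echo "Two-layer attribute : ", $both, "\n";
// Each argument arrives as one intact string literal.
echo "  JavaScript sees   : ", asSeenByJavaScript($both), "\n";
echo '<input type="button" value="Edit" onclick="', $both, '" />', "\n";
```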