I need help escaping string parameters for a javascript function using PHP -


i dynamically creating anchor calls javascript function. works 1 string parameter not two. believe not escaping quotes around parameters correctly. in search answer came across following 

onclick="alert('<?echo $row['username']?>')"

and next 1 found left me baffled

echo('<button type="button" id="button'.$ctr.'"onclick="showmapsinfo(\''.str_replace("'", "\\'", $maps_name).'\', \''.str_replace("'", "\\'", $ctr).'\');"><img src="img/maps_logo.gif"></button><br/>');

if please

  1. explain why single quotes around username not have escaped?

  2. where there "dummies" write on escaping characters try decipher second example.

let's examine first example

onclick="alert('<?echo $row['username']?>')"

the important part here is, outside of <? … ?> pure html , never looked @ php interpreter. therefore, part relevant php code inside <? … ?>, namely echo $row['username']. here, 1 not need escaping.

your second example, in contrast

echo('<button type="button" id="button'.$ctr.'"onclick="showmapsinfo(\''.str_replace("'", "\\'", $maps_name).'\', \''.str_replace("'", "\\'", $ctr).'\');"><img src="img/maps_logo.gif"></button><br/>');

is written purely in php, no surrounding html. therefore, have careful quotes. let's build scratch see happens here. when build this, start with

echo('<button type="button" id="button1" onclick="showmapsinfo(\'...\');"><img src="img/maps_logo.gif"></button><br/>');

because single quotes used string delimiters, must escaped inside string \'. part inside javascript function. put simpler, above code boils down to

echo('showmapsinfo(\'...\');');

which results in

showmapsinfo('...');

when want insert dynamic parts instead of '...' part, need end string ' , concatenate .. suppose wanted insert variable $foobar in there, write:

echo('showmapsinfo(\''.$foobar.'\');');

which results in

showmapsinfo('<value of $foobar>');

your example not insert $foobar string, rather following expression:

str_replace("'", "\\'", $maps_name).'\', \''.str_replace("'", "\\'", $ctr)

which uses str_replace in order again escape content, little twist: not escaped php, resulting javascript! every single quote ' becomes escaped single quote \' in output, need write \\' because backslash needs escaped itself, in order produce backslash output.


Comments

Post a Comment

Popular posts from this blog

javascript - backbone.js Collection.add() doesn't `construct` (`initialize`) an object -

<!doctype html public "-//w3c//dtd xhtml 1.0 strict//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-strict.dtd"> <html> <head> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script> <script src="http://documentcloud.github.com/underscore/underscore-min.js"></script> <script src="http://documentcloud.github.com/backbone/backbone-min.js"></script> </head> <body> <button id="cmd_create_event" name="cmd_create_event" type="button">create new `event`</button> <script type="text/javascript"> var eventmodel = backbone.model.extend({ initialize : function() { console.log("`event` initialized. id: " + this.cid); this.bind("change:status", function() { console.log(this.get("status") + " value `status`"); }); this.bind("error", function(model, e...
Read more

php - Get uncommon values from two or more arrays -

is there function in php give array of uncommon values 2 or more arrays? for example: $array1 = array( "green", "red", "blue"); $array2 = array( "green", "yellow", "red"); .... $result = function_needed($array1, $array2,...); print_r($result); should give output: array("blue", "yellow", ...); use array_diff , array_merge : $result = array_merge(array_diff($array1, $array2), array_diff($array2, $array1)); here's demo. for multiple arrays, combine callback , array_reduce : function unique(&$a, $b) { return $a ? array_merge(array_diff($a, $b), array_diff($b, $a)) : $b; } $arrays = array( array('green', 'red', 'blue'), array('green', 'yellow', 'red') ); $result = array_reduce($arrays, 'unique'); and here's demo of that.
Read more

Adding duplicate array rows in Php -

i create function in php adds rows of array shared column value. so input. $test = array( array("c", 5, 6), array("c", 2, 3), array("test", 5, 6) ); and output. $testduplicatefree = array( array("c", 7, 9), array("test", 5, 6) ) ); i'm thinking function combine_duplicates($array,$col){ ... ... return $duplicatefreearray; } where $col duplicate free array. so, in case, combine_duplicates($test,0); would me desired output. this. <?php function combine_duplicates($array,$col) { $index = array(); foreach ($array $row) { $key = $row[$col]; if (!isset($index[$key])) { $index[$key] = $row; } else { ($i = 0; $i < count($row); ++$i) { if ($i != $col) { $index[$key][$i] += $row[$i]; } } } } return array_values($index); } $array = array( array("c", 5, 6), array("c", 2, 3), array("test", 5, 6) ); print_r(combine_duplicates($array, 0)); try here: http://codepad.org/mdhesqhi
Read more