开发者

PHP generated JavaScript onClick, with PHP array, quotes problem

echo '<a onClick="articleDeleteConfirm("'.
      $row["title_$lang"].'","'.$_GET["editPage"]).'">';

The main problem is with: $row["title_$lang"], I have to use $lang variable inside. " and ' just not enough开发者_开发技巧.


The problem you describe actually has nothing to do with your PHP variables, those are all being output as expected. The problem is that you need to escape the " inside of the <a> and you've misplaced a ).

Your original would output:

<a onClick="articleDeleteConfirm("value1","value2">

That is not valid HTML (even the highlighter dislikes it). Now, notice the \'s in the following (and that the paren was moved into the string).

echo '<a onClick="articleDeleteConfirm(\''
     .$row["title_".$lang."].'\',\''.$_GET["editPage"].'\')">';

The escaped version outputs:

<a onClick="articleDeleteConfirm('value1','value2')">

It uses single quotes inside of double quotes to provide easy to read (and valid) html. Now, you have another issue with your code.

Any time you output a $_REQUEST variable to the browser, you risk something called cross-site-scripting. Someone could put JavaScript into $_GET["editPage"] and it would smell bad. The easy way to avoid it? Use htmlentities($_GET["editPage"])


I had same problem too, I don't know exactly why but I had syntax error no matter what I did, So I tried this and got answer.

The problem is that you're using a double quotation to open onClick and again you're using another double quotation to open an string.

Use this and you'll get answer.

echo '<a onClick="articleDeleteConfirm('.char(39).$row["title_$lang"].char(39).','.char(39).$_GET["editPage"]).char(39).'>';
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜