RE: [PHP] Quotes in Heredoc
At 8:23 AM -0500 2/28/11, Bob McConnell wrote: From: Ashim Kapoor From Ashley Sheridan The quotes you mention are in the HTML, nothing to do with PHP. HTML will work without the quotes in most cases (unless there's a space in the value for the attribute) but the quotes are required in XHTML and will cause unexpected results. Can you elaborate on the XHTML part? Do you mean they are required in XHTML but optional in HTML ? Please keep your attribution levels straight. XHTML also requires all tags, attribute labels and values to be in lower case and values must be quoted. So your original content should be You should install the HTML Validtor plug-in for Firefox and use it regularly to catch all of the errors you can. Some of this can also be replaced with style sheets. Bob McConnell In addition to what Bob wrote, do yourself a favor and use css to more style declarations (cellpadding, border, align) to a css file. That's much easier to maintain. Cheers, tedd -- --- http://sperling.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Quotes in Heredoc
From: Ashim Kapoor > From Ashley Sheridan >> The quotes you mention are in the HTML, nothing to do with PHP. HTML will >> work without the quotes in most cases (unless there's a space in the value >> for the attribute) but the quotes are required in XHTML and will cause >> unexpected results. > > Can you elaborate on the XHTML part? Do you mean they are required in XHTML > but optional in HTML ? Please keep your attribution levels straight. XHTML also requires all tags, attribute labels and values to be in lower case and values must be quoted. So your original content should be You should install the HTML Validtor plug-in for Firefox and use it regularly to catch all of the errors you can. Some of this can also be replaced with style sheets. Bob McConnell -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in Heredoc
Yes, in HTML the quotes are optional, but they are required in XHTML documents: > http://www.w3.org/TR/xhtml1/diffs.html#h-4.4 > Ok Thank you, Ashim
Re: [PHP] Quotes in Heredoc
On Sat, 2011-02-26 at 16:27 +0530, Ashim Kapoor wrote: > The quotes you mention are in the HTML, nothing to do with PHP. HTML will > work without the quotes in most cases (unless there's a space in the value > for the attribute) but the quotes are required in XHTML and will cause > unexpected results. > > Can you elaborate on the XHTML part? Do you mean they are required in XHTML > but optional in HTML ? > > Many thanks, > Ashim. Yes, in HTML the quotes are optional, but they are required in XHTML documents: http://www.w3.org/TR/xhtml1/diffs.html#h-4.4 Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] Quotes in Heredoc
The quotes you mention are in the HTML, nothing to do with PHP. HTML will work without the quotes in most cases (unless there's a space in the value for the attribute) but the quotes are required in XHTML and will cause unexpected results. Can you elaborate on the XHTML part? Do you mean they are required in XHTML but optional in HTML ? Many thanks, Ashim.
Re: [PHP] Quotes in Heredoc
On Sat, 2011-02-26 at 14:41 +0530, Ashim Kapoor wrote: > Dear All, > > I am learning PHP by reading a book. My query pertains to the following > lines : - > > $form_str = <<< EOFORMSTR > WIDTH=621> > > SRC=../images/spacer.gif> > > > . > > My query is that is it true that we don't need to do > > > ie. we don't need to quote the value of the options in Heredoc. Is that > correct? > > Many thanks, > Ashim. The quotes you mention are in the HTML, nothing to do with PHP. HTML will work without the quotes in most cases (unless there's a space in the value for the attribute) but the quotes are required in XHTML and will cause unexpected results. The only difference Heredoc makes in PHP is that the strings you write don't require characters to be escaped, which you would have to do normally in traditional quoted strings. Thanks, Ash http://www.ashleysheridan.co.uk
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 16:18, Bill Guion wrote: > At 8:31 AM -0400 08/06/10, tedd wrote: > >> Cheers, >> >> tedd >> >> PS: Considering that this is Friday. I have a grammar question for the >> group. I said above: >> >> "neither CSS, PHP, or any web language exist in a vacuum." >> >> Is the word "neither" appropriate in this sentence? >> >> Normally, two items can be compared by "neither" or "nor", but what about >> more than two items? Is it appropriate to use "neither" or "nor" for more >> than two items? > > Somewhere along the line, probably in college (if it were before college, it > would have been so long ago I would have forgotten it), a professor said to > handle this sort of thing thusly: > > neither A, nor B, nor C > > A little more wordy, but completely unambiguous. "neither CSS, PHP, nor any web language exist in a vacuum." would probably do. All negatives, so little wiggle room really. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 8:31 AM -0400 08/06/10, tedd wrote: Cheers, tedd PS: Considering that this is Friday. I have a grammar question for the group. I said above: "neither CSS, PHP, or any web language exist in a vacuum." Is the word "neither" appropriate in this sentence? Normally, two items can be compared by "neither" or "nor", but what about more than two items? Is it appropriate to use "neither" or "nor" for more than two items? Somewhere along the line, probably in college (if it were before college, it would have been so long ago I would have forgotten it), a professor said to handle this sort of thing thusly: neither A, nor B, nor C A little more wordy, but completely unambiguous. -= Bill =- -- Don't find fault. Find a remedy. - Henry Ford -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 9:09 AM -0400 8/6/10, Andrew Ballard wrote: On Fri, Aug 6, 2010 at 8:31 AM, tedd wrote: While it may not be obvious, the statement: > is flawed (IMO). The "best" way to handle this is to define a class (or id) for the table in a css file and then set the border (i.e., styling) to whatever you want. For example, your HTML would look like: And your CSS would contain: .my_table { border: 1px solid black; } I more or less agree with you, but sometimes it's technically a little more difficult than that. -snip- As is often the case with CSS, that's a good bit more text to accomplish the same effect as an older, smaller attribute. :-) Andrew Andrew: The problem you cite is well said and your point is well taken. However, the main point I am making is to move this problem totally out of the HTML/PHP arena and place it where it belongs, which is inside CSS -- after it *is* a presentation problem. IMO, it is *far* better to deal with browser comparability problems from one CSS file than it is to sort through all your PHP files looking for the phrase . From my experience, when you have a problem, it is always better to give it a name and deal with it from one location. As for "older, smaller attributes", they are only getting older and their importance lessens with time (I can relate.) :-) Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Fri, Aug 6, 2010 at 8:31 AM, tedd wrote: > While it may not be obvious, the statement: > > > > is flawed (IMO). > > The "best" way to handle this is to define a class (or id) for the table in > a css file and then set the border (i.e., styling) to whatever you want. For > example, your HTML would look like: > > > > And your CSS would contain: > > .my_table > { > border: 1px solid black; > } > I more or less agree with you, but sometimes it's technically a little more difficult than that. The border attribute on the table tag affects not only the table itself, but also the cells inside it. The CSS attribute only draws a border around the table. I believe the CSS equivalent of how most browsers (I tested Fx 3.6.8, IE 7, Google Chrome 5, Opera 10.53, and Safari (Windows) 5.0.1) render takes a little more: table.my_table, table.my_table > thead > tr > th, table.my_table > tbody > tr > th, table.my_table > tfoot > tr > th, table.my_table > thead > tr > td, table.my_table > tbody > tr > td, table.my_table > tfoot > tr > td { border: solid 1px black; } And, of the browsers listed above, IE7 did not render the table correctly. (I'm guessing it must not properly handle the child CSS selectors.) If you do it without the child selectors: table.my_table, table.my_table th, table.my_table td { border: solid 1px black; } All the browsers render it the same, but it has the side effect that cells in nested tables also inherit the borders unless you do something to exclude them: table.my_table, table.my_table th, table.my_table td { border: solid 1px black; } table.my_table table, table.my_table table th, table.my_table table td { border: none; } As is often the case with CSS, that's a good bit more text to accomplish the same effect as an older, smaller attribute. :-) Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 13:31, tedd wrote: >I have a grammar question for the > group. I said above: > > "neither CSS, PHP, or any web language exist in a vacuum." > > Is the word "neither" appropriate in this sentence? > > Normally, two items can be compared by "neither" or "nor", but what about > more than two items? Is it appropriate to use "neither" or "nor" for more > than two items? > http://en.wikipedia.org/wiki/Neither says that "either" can be used for many items if they are in a list (like you've used), so neither would probably follow the same argument. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Aug 6, 2010, at 8:08 AM, tedd wrote: > At 10:10 PM -0400 8/5/10, Rick Dwyer wrote: >> 2nd question, in the 3 [2] lines below: >> >> $checkstat = "select field from table where fieldid = $field_id"; >> $result1 = @mysql_query($checkstat,$connection) or die("Couldn't execute >> query"); >> >> If I were to recode in the latter style, should they not look like this: >> >> $checkstat = 'select field from table where fieldid = "'.$field_id.'"'; >> $result1 = @mysql_query($checkstat,$connection) or die('Couldn\'t execute >> query'); > > Rick: > > Others gave you good advice on quotes, but I'll address your second question > on database queries. > > The following is in the form of what I normally do: > > $query = "SELECT field FROM table WHERE field_id = '$field_id' "; > $result = mysql_query($query) or die("Couldn't execute query"); > > Please note these are my preferences (others may have different preferences): > > 1. I use UPPERCASE for all MySQL syntax. > > 2. I do not use the @ before mysql_query because that suppresses errors. I > prefer to see errors and fix them. > > 3. It's not necessary to include the second argument (i.e., $connection) in > mysql_query. > > 4. IMO, a query should be named $query and a result should be named $result. > If I have several results, then I use $result1, $result2, $result3, and so on. > > 5. I try to match MySQL field names to PHP variable names, such as field_id = > '$field_id'. This makes it easier for me to read and debug. > > 6. Also note that the PHP variable $field_id is enclosed in single quotes > within the query. > > 7. For sake of readability, in the query I also place a space after the last > single quote and before the ending double quote, such as field_id = > '$field_id' ". -- I do not like, nor is it readable, to have a singledouble > quote (i.e., '"). > > There is one additional thing that I do, but it requires an included > function. For your kind review, in my query I do this: > > $result = mysql_query($query) or die(report($query,__LINE__,__FILE__))); > > and the report function I include to the script is: > > // show dB errors == > > function report($query, $line, $file) > { > echo($query . '' .$line . '' . $file . '' . mysql_error()); > } > ?> > > That way, if something goes wrong, the report function will show in what file > and at what line number the error occurred. Now, this is OK for development, > but for production you should comment out the echo so you don't report errors > publicly. Besides, you should have all the errors fixed before your script > becomes production anyway, right? :-) > > HTH, > > tedd > Tedd, Well said! I pretty much follow those same standards as well. Especially with the naming of variables to match field names. I also make sure that any form field names match my database names. It makes updating and inserting records so much easier! I've written a database class that allows me to update and insert records as easily as this: $db->insert("table_name",$_POST); $db->update("table_name","id_field_name",$id,$_POST); And, yes, I do sanitize the data to make sure it doesn't do bad things to my database! :) Take care, Floyd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 9:05 PM -0700 8/5/10, Michael Shadle wrote: Leave the single quotes for parameters, indexes, code, not attributes - $.02 Agreed. "Render unto Caesar (HTML) the things that are Caesar's and unto God (PHP -- Lord forgive me) the things that are God's." In other words, when writing code in another language use the syntax that is appropriate for that language Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 11:00 PM -0400 8/5/10, Paul M Foster wrote: On Thu, Aug 05, 2010 at 10:10:26PM -0400, Rick Dwyer wrote: > echo " And elsewhere on the page it follows: > echo ' Not acceptable and sloppy. Be consistent in your coding style. In general, HTML attributes should be surrounded by double quotes. I don't know about javascript. Moreover, it's generally better to simply output HTML rather than to echo it, like: Rick: I agree with Paul. I would only add that you should use what languages best serve your needs. While it may not be obvious, the statement: is flawed (IMO). The "best" way to handle this is to define a class (or id) for the table in a css file and then set the border (i.e., styling) to whatever you want. For example, your HTML would look like: And your CSS would contain: .my_table { border: 1px solid black; } That way at some future date, you may want to change the border color, size, whatever and it's a trivial thing to do so without having to search through all your code to find ill-placed styling attributes. As I always say, neither CSS, PHP, or any web language exist in a vacuum. It always best to use whatever language that makes your life (and others) simpler. Cheers, tedd PS: Considering that this is Friday. I have a grammar question for the group. I said above: "neither CSS, PHP, or any web language exist in a vacuum." Is the word "neither" appropriate in this sentence? Normally, two items can be compared by "neither" or "nor", but what about more than two items? Is it appropriate to use "neither" or "nor" for more than two items? -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
At 10:10 PM -0400 8/5/10, Rick Dwyer wrote: 2nd question, in the 3 [2] lines below: $checkstat = "select field from table where fieldid = $field_id"; $result1 = @mysql_query($checkstat,$connection) or die("Couldn't execute query"); If I were to recode in the latter style, should they not look like this: $checkstat = 'select field from table where fieldid = "'.$field_id.'"'; $result1 = @mysql_query($checkstat,$connection) or die('Couldn\'t execute query'); Rick: Others gave you good advice on quotes, but I'll address your second question on database queries. The following is in the form of what I normally do: $query = "SELECT field FROM table WHERE field_id = '$field_id' "; $result = mysql_query($query) or die("Couldn't execute query"); Please note these are my preferences (others may have different preferences): 1. I use UPPERCASE for all MySQL syntax. 2. I do not use the @ before mysql_query because that suppresses errors. I prefer to see errors and fix them. 3. It's not necessary to include the second argument (i.e., $connection) in mysql_query. 4. IMO, a query should be named $query and a result should be named $result. If I have several results, then I use $result1, $result2, $result3, and so on. 5. I try to match MySQL field names to PHP variable names, such as field_id = '$field_id'. This makes it easier for me to read and debug. 6. Also note that the PHP variable $field_id is enclosed in single quotes within the query. 7. For sake of readability, in the query I also place a space after the last single quote and before the ending double quote, such as field_id = '$field_id' ". -- I do not like, nor is it readable, to have a singledouble quote (i.e., '"). There is one additional thing that I do, but it requires an included function. For your kind review, in my query I do this: $result = mysql_query($query) or die(report($query,__LINE__,__FILE__))); and the report function I include to the script is: ' .$line . '' . $file . '' . mysql_error()); } ?> That way, if something goes wrong, the report function will show in what file and at what line number the error occurred. Now, this is OK for development, but for production you should comment out the echo so you don't report errors publicly. Besides, you should have all the errors fixed before your script becomes production anyway, right? :-) HTH, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 07:34, Peter Lind wrote: > On 6 August 2010 04:10, Rick Dwyer wrote: >> Hi List. >> I've mentioned before that I am both just beginning to learn PHP AND I have >> inherited a number of pages that I'm trying to clean up the w3c validation >> on. >> >> Something that confuses me is how the code on the page is written where in >> one instance, it follows this: >> >> echo " >> >> And elsewhere on the page it follows: >> >> echo ' >> >> In what I've read and from many of the suggestions from this board, the >> latter seems to be the better way to code, generally speaking. >> > > It isn't better or worse. The only thing that makes a difference is > what suits you - stick to what works for you. Both double-quotes and > single-quotes can result in gotchas (in double quotes you have to > escape more, which you have to keep in mind, whereas in single quotes > you have a lot less power, which you might forget). There's no > difference in performance, which leaves just one thing: personal > preference. > > Regards > Peter > > -- > > WWW: http://plphp.dk / http://plind.dk > LinkedIn: http://www.linkedin.com/in/plind > BeWelcome/Couchsurfing: Fake51 > Twitter: http://twitter.com/kafe15 > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You also have heredoc ... 'A "daft" div. Click me and you\'re a numpty.'); echo << All In One The div below should say that it is a "daft" div and if you click it then you're a numpty. {$array['value']} END_HTML_WITH_EMBEDDED_JS; ?> will output ... All In One A "daft" div. Click me and you're a numpty. The above example shows how escaping can be minimized. I've done it manually, but it could have been done by using htmlentities() or htmlspecialchars() with ENT_QUOTES. Only the JS code needed the escaping. The \" because the " is in an attribute value (which used " as the delimiter) and the \' because the ' is used as a string delimiter for the alert() call. Obviously, it IS a bit of a mess. Using normal string concatenation, it becomes a lot harder. 'A "daft" div. Click me and you\'re a numpty.'); echo " All In One The div below should say that it is a \"daft\" div and if you click it then you're a numpty. {$array['value']} "; ?> So, 3 \. The first \ is to escape the second \, the third to escape the ". Which results in \" which is an escape of the " in the HTML. Now imagine the above string was a search and replace via some regular expression. Sure you _can_ work it out, but sometimes you just keep adding \ until it works. You may need upto 6 \ in a row... or more! Richard. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On 6 August 2010 04:10, Rick Dwyer wrote: > Hi List. > I've mentioned before that I am both just beginning to learn PHP AND I have > inherited a number of pages that I'm trying to clean up the w3c validation on. > > Something that confuses me is how the code on the page is written where in > one instance, it follows this: > > echo " > > And elsewhere on the page it follows: > > echo ' > > In what I've read and from many of the suggestions from this board, the > latter seems to be the better way to code, generally speaking. > It isn't better or worse. The only thing that makes a difference is what suits you - stick to what works for you. Both double-quotes and single-quotes can result in gotchas (in double quotes you have to escape more, which you have to keep in mind, whereas in single quotes you have a lot less power, which you might forget). There's no difference in performance, which leaves just one thing: personal preference. Regards Peter -- WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Thu, Aug 5, 2010 at 8:51 PM, Adam Richardson wrote: > Tim Bray, who knows a little bit about XML dialects (tongue in cheek), > appears to default to the single quote as his delimiter of choice: > http://www.tbray.org/ongoing/ Side note, looks like his stuff is auto-generated by something, so it's defined once and replicated many times for templating... but also I do see some attributes with double quotes mixed in, i.e.: I work for Google, but the opinions expressed here are my own, and no other party necessarily agrees with them. A full disclosure of my professional interests is on the author page. Contributions Comment feed for ongoing: Serif · Sans-Serif I should say also - double quotes helps when using inline JavaScript in attributes too :) add that to my reasons. I just default to double quotes because of history developing things, it just works easier. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Thu, Aug 5, 2010 at 8:51 PM, Adam Richardson wrote: > I would suggest that saying is "the wrong way" is a > rather strong assessment. Whether you're talking about SGML (the > grandparent), XML (the parent), or XHTML, the use of a single quote is > perfectly valid, and has served a purpose since inception. If I'm crafting > markup and embedding something that has a double quote within an attribute > (often times an alt attribute on an image), I don't hesitate to use the > single quote as the attribute delimiter. That said, it's often easier if > you standardize on one, and most choose to use double quotes the default > delimiter. > That said, if there are some sources to point to that make a case for the > deprecation of single quotes in (X)HTML attributes, please let me know. Well, most people use htmlspecialchars() to encode text for safe display to a browser. By default, it only encodes double quotes: http://php.net/htmlspecialchars "The default mode, ENT_COMPAT, is the backwards compatible mode which only translates the double-quote character and leaves the single-quote untranslated." We've run into issues where we thought our forms were fairly secure, but some people decided to echo "" type stuff, which works fine if you encapsulate attributes in double quotes, but in single quotes, we found out that anyone who had a single quote in that value would break the page. Now, I typically use a central wrapper function for encoding and decoding, and if it was in use there, sure, I could have thrown in ENT_QUOTES and solved that issue. However, the vast majority of everything uses double quotes, and there is not really a reason to NOT use them. Of course, I put it out there like that to simply push it because it should be appropriate for everyone. You are right though - it WILL work with single quotes (as we can see), but I recommend a single way of doing things to keep things consistent, and it has been the unspoken standard everywhere I've ever looked for markup... (Funny enough, that page has an example with a single quoted attribute) Leave the single quotes for parameters, indexes, code, not attributes - $.02 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Thu, Aug 5, 2010 at 10:53 PM, Rick Dwyer wrote: > > On Aug 5, 2010, at 10:43 PM, Michael Shadle wrote: > > > > > For HTML, -always- use double quotes. > > > > is the right way. > > is the wrong way. > > > > I'd go into more explanation but there simply doesn't need to be one. > I would suggest that saying is "the wrong way" is a rather strong assessment. Whether you're talking about SGML (the grandparent), XML (the parent), or XHTML, the use of a single quote is perfectly valid, and has served a purpose since inception. If I'm crafting markup and embedding something that has a double quote within an attribute (often times an alt attribute on an image), I don't hesitate to use the single quote as the attribute delimiter. That said, it's often easier if you standardize on one, and most choose to use double quotes the default delimiter. Tim Bray, who knows a little bit about XML dialects (tongue in cheek), appears to default to the single quote as his delimiter of choice: http://www.tbray.org/ongoing/ Now, speaking to questions/concerns about javascript events frequent use of single quotes beg the question: Why are you embedding javascript events into the markup of the page? I'm aware of many sources that advocate against mixing javascript and html in this way (see the books PPK on Javascript, DOM Scripting, etc.) That said, if there are some sources to point to that make a case for the deprecation of single quotes in (X)HTML attributes, please let me know. Adam -- Nephtali: PHP web framework that functions beautifully http://nephtaliproject.com
Re: [PHP] Quotes vs. Single Quote
On Thu, Aug 05, 2010 at 10:10:26PM -0400, Rick Dwyer wrote: > Hi List. > I've mentioned before that I am both just beginning to learn PHP AND I have > inherited a number of pages that I'm trying to clean up the w3c validation on. > > Something that confuses me is how the code on the page is written where in > one instance, it follows this: > > echo " > > And elsewhere on the page it follows: > > echo ' > > In what I've read and from many of the suggestions from this board, the > latter seems to be the better way to code, generally speaking. > > So given that the page has javascript in it, perhaps the reason for the > previous developer switching between the two was for ease of incorporating > JS? Don't really know... but what I would like to know is it considered > poor coding switch between the two on a single page or is it perfectly > acceptable? > Not acceptable and sloppy. Be consistent in your coding style. In general, HTML attributes should be surrounded by double quotes. I don't know about javascript. Moreover, it's generally better to simply output HTML rather than to echo it, like: > 2nd question, in the 3 lines below: > > $_SESSION['newpage'] = $newpage; > $checkstat = "select field from table where fieldid = $field_id"; > $result1 = @mysql_query($checkstat,$connection) or die("Couldn't execute > query"); > > > If I were to recode in the latter style, should they not look like this: > > $_SESSION['newpage'] = $newpage; > $checkstat = 'select field from table where fieldid = "'.$field_id.'"'; > $result1 = @mysql_query($checkstat,$connection) or die('Couldn\'t execute > query'); > This is a matter of taste, but I've heard that if you can do it without string concatenation, it executes faster. In my opinion, the former is better because it's easier to follow than the second, where you have strings concatenated with single and double quotes all over the place. Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Aug 5, 2010, at 10:43 PM, Michael Shadle wrote: > On Thu, Aug 5, 2010 at 7:10 PM, Rick Dwyer wrote: >> Hi List. >> I've mentioned before that I am both just beginning to learn PHP AND I have >> inherited a number of pages that I'm trying to clean up the w3c validation >> on. >> >> Something that confuses me is how the code on the page is written where in >> one instance, it follows this: >> >> echo " >> >> And elsewhere on the page it follows: >> >> echo ' >> >> In what I've read and from many of the suggestions from this board, the >> latter seems to be the better way to code, generally speaking. >> >> So given that the page has javascript in it, perhaps the reason for the >> previous developer switching between the two was for ease of incorporating >> JS? Don't really know... but what I would like to know is it considered >> poor coding switch between the two on a single page or is it perfectly >> acceptable? >> >> 2nd question, in the 3 lines below: >> >> $_SESSION['newpage'] = $newpage; >> $checkstat = "select field from table where fieldid = $field_id"; >> $result1 = @mysql_query($checkstat,$connection) or die("Couldn't execute >> query"); > > You could always do: > > $result1 = mysql_query("SELECT field FROM table WHERE fieldid = > $field_id", $connection) or die("Couldn't execute query"); > > a) I capped SQL verbs. Make it more readable :) > b) why make a variable just to throw it in the next line? > c) Make sure $field_id is truly an integer. If not, intval, > mysql_escape_string, something along those lines. Also put it in > single quotes if not an integer. > d) I left double quotes in the error, because it has a single quote > inside of it. The small micro-optimization performance you might get > is probably not worth the readability factor. > > My general rules of thumb: > > I use double quotes if: > a) I have single quotes inside the string > b) I need variables to be parsed > c) I need control characters like \n parsed > > I use single quotes always: > a) For array indexes $foo['bar'] > b) If I don't need variable parsing, control characters, etc. why not? > > You'll get a minimal performance gain by using single quotes > everywhere in PHP where you don't -need- double quotes, but that's a > micro-optimization and there's probably more important things for you > to be doing. > > For HTML, -always- use double quotes. > > is the right way. > is the wrong way. > > I'd go into more explanation but there simply doesn't need to be one. Michael: Well put.. exactly the type of instruction I was looking for. Thanks, --Rick -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Thu, Aug 5, 2010 at 7:10 PM, Rick Dwyer wrote: > Hi List. > I've mentioned before that I am both just beginning to learn PHP AND I have > inherited a number of pages that I'm trying to clean up the w3c validation on. > > Something that confuses me is how the code on the page is written where in > one instance, it follows this: > > echo " > > And elsewhere on the page it follows: > > echo ' > > In what I've read and from many of the suggestions from this board, the > latter seems to be the better way to code, generally speaking. > > So given that the page has javascript in it, perhaps the reason for the > previous developer switching between the two was for ease of incorporating > JS? Don't really know... but what I would like to know is it considered > poor coding switch between the two on a single page or is it perfectly > acceptable? > > 2nd question, in the 3 lines below: > > $_SESSION['newpage'] = $newpage; > $checkstat = "select field from table where fieldid = $field_id"; > $result1 = @mysql_query($checkstat,$connection) or die("Couldn't execute > query"); You could always do: $result1 = mysql_query("SELECT field FROM table WHERE fieldid = $field_id", $connection) or die("Couldn't execute query"); a) I capped SQL verbs. Make it more readable :) b) why make a variable just to throw it in the next line? c) Make sure $field_id is truly an integer. If not, intval, mysql_escape_string, something along those lines. Also put it in single quotes if not an integer. d) I left double quotes in the error, because it has a single quote inside of it. The small micro-optimization performance you might get is probably not worth the readability factor. My general rules of thumb: I use double quotes if: a) I have single quotes inside the string b) I need variables to be parsed c) I need control characters like \n parsed I use single quotes always: a) For array indexes $foo['bar'] b) If I don't need variable parsing, control characters, etc. why not? You'll get a minimal performance gain by using single quotes everywhere in PHP where you don't -need- double quotes, but that's a micro-optimization and there's probably more important things for you to be doing. For HTML, -always- use double quotes. is the right way. is the wrong way. I'd go into more explanation but there simply doesn't need to be one. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes vs. Single Quote
On Aug 5, 2010, at 10:10 PM, Rick Dwyer wrote: > Hi List. > I've mentioned before that I am both just beginning to learn PHP AND I have > inherited a number of pages that I'm trying to clean up the w3c validation on. > > Something that confuses me is how the code on the page is written where in > one instance, it follows this: > > echo " > > And elsewhere on the page it follows: > > echo ' > > In what I've read and from many of the suggestions from this board, the > latter seems to be the better way to code, generally speaking. > > So given that the page has javascript in it, perhaps the reason for the > previous developer switching between the two was for ease of incorporating > JS? Don't really know... but what I would like to know is it considered > poor coding switch between the two on a single page or is it perfectly > acceptable? > > 2nd question, in the 3 lines below: > > $_SESSION['newpage'] = $newpage; > $checkstat = "select field from table where fieldid = $field_id"; > $result1 = @mysql_query($checkstat,$connection) or die("Couldn't execute > query"); > > > If I were to recode in the latter style, should they not look like this: > > $_SESSION['newpage'] = $newpage; > $checkstat = 'select field from table where fieldid = "'.$field_id.'"'; > $result1 = @mysql_query($checkstat,$connection) or die('Couldn\'t execute > query'); > > > The focus being here: > > "'.$field_id.'"'; > ('Couldn\'t execute query') > > Is this correct? > > Thanks for the help. > > --Rick > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > Rick- It is generally accepted that you should use single quotes whenever possible. I only use double quotes when writing SQL queries (so I don't have to continually escape them for the single quotes) and when I need to output control characters like "\r" or "\n". It would be considered "best practice" to make consistent use of them, but it wouldn't be something I would loose sleep over. Regards, -Josh -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
It is over head, but it caches the execution plan for multiple runs of the script. So different users with different data will use the same cached query on the database. Saving processing time. It also prevents SQL injection on the fly because you are indicating what data type each place holder will need to accept. No, it's per session. http://dev.mysql.com/doc/refman/5.0/en/sql-syntax-prepared-statements.html The scope of a prepared statement is the client session within which it is created. Other clients cannot see it. Well he probably meant that the mysql server will cache the query and that is true. But I think that mysql uses the cache only if the query is the exact same... So it does no good in this case. -- Thodoris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
It is over head, but it caches the execution plan for multiple runs of the script. So different users with different data will use the same cached query on the database. Saving processing time. It also prevents SQL injection on the fly because you are indicating what data type each place holder will need to accept. No, it's per session. http://dev.mysql.com/doc/refman/5.0/en/sql-syntax-prepared-statements.html The scope of a prepared statement is the client session within which it is created. Other clients cannot see it. -- Postgresql & php tutorials http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
On Wed, 2009-01-14 at 15:24 -0500, Frank Stanovcak wrote: > "Ashley Sheridan" wrote in message > news:1231962521.3613.13.ca...@localhost.localdomain... > > On Wed, 2009-01-14 at 11:17 -0500, MikeP wrote: > >> Hello, > >> I am trying to get the following to work: > >> "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'" > >> Netid is a string type. > >> No matter where of if I put the quotes, I still get array[phpCAS] not the > >> value. > >> If there is anything I still have trouble with after all these years its > >> quoting variables. > >> Help? > >> Thanks > >> Mike > >> > >> > >> > > I always go with this: > > > > "Select Netid from Users where Netid = '{$_SESSION[phpCAS][user]}'" > > > > The curly braces allow PHP to use the full variable you intended. Note > > that you may need single quote marks around the text in each square > > bracket block or PHP my give you a warning about an unintended string > > literal. > > > > > > Ash > > www.ashleysheridan.co.uk > > > > even though it might have it's drawbacks I've never had a problem with > concat for sql statements. > > $sqlstmt = "Select Netid from Users where Netid = '" . > $_SESSION['phpCAS']['user']} . "'"; > > > Frank > > > That wont work, you forgot to take out the extra } at the end ;) Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
"Ashley Sheridan" wrote in message news:1231962521.3613.13.ca...@localhost.localdomain... > On Wed, 2009-01-14 at 11:17 -0500, MikeP wrote: >> Hello, >> I am trying to get the following to work: >> "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'" >> Netid is a string type. >> No matter where of if I put the quotes, I still get array[phpCAS] not the >> value. >> If there is anything I still have trouble with after all these years its >> quoting variables. >> Help? >> Thanks >> Mike >> >> >> > I always go with this: > > "Select Netid from Users where Netid = '{$_SESSION[phpCAS][user]}'" > > The curly braces allow PHP to use the full variable you intended. Note > that you may need single quote marks around the text in each square > bracket block or PHP my give you a warning about an unintended string > literal. > > > Ash > www.ashleysheridan.co.uk > even though it might have it's drawbacks I've never had a problem with concat for sql statements. $sqlstmt = "Select Netid from Users where Netid = '" . $_SESSION['phpCAS']['user']} . "'"; Frank -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
On Wed, 2009-01-14 at 11:17 -0500, MikeP wrote: > Hello, > I am trying to get the following to work: > "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'" > Netid is a string type. > No matter where of if I put the quotes, I still get array[phpCAS] not the > value. > If there is anything I still have trouble with after all these years its > quoting variables. > Help? > Thanks > Mike > > > I always go with this: "Select Netid from Users where Netid = '{$_SESSION[phpCAS][user]}'" The curly braces allow PHP to use the full variable you intended. Note that you may need single quote marks around the text in each square bracket block or PHP my give you a warning about an unintended string literal. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
On Wed, Jan 14, 2009 at 9:11 AM, wrote: > > > Doesn't anybody use prepared statements these days? It even helps MySQL > > AND Oracle cache an execution plan... > > Forgive me if I'm wrong, but: > > Caching an execution plan for a prepared statement that is run only once in > the script is just overhead, no? > > Or can it actually re-use the same cached statement from a different > connection by some magical matching up of the context??? Doesn't seem like > the kind of thing that would be workable, but what do I know? > > Now if you said "... allows the DB to cold-stop any SQL injection" you'd be > 100% right. :-) > > So MikeP should really consider using prepared statements for that reason, > as it lets the DB do the escaping. > > PS > I think MikeP is saying he writes the code once and gets it working, then > goes back and adds the escaping in later. This is fine if you ALWAYS > remember to do that, but in a frenzy to release under pressure... Bad Idea! > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > It is over head, but it caches the execution plan for multiple runs of the script. So different users with different data will use the same cached query on the database. Saving processing time. It also prevents SQL injection on the fly because you are indicating what data type each place holder will need to accept. -- Kyle Terry | www.kyleterry.com
Re: [PHP] Quotes in querys
> Doesn't anybody use prepared statements these days? It even helps MySQL > AND Oracle cache an execution plan... Forgive me if I'm wrong, but: Caching an execution plan for a prepared statement that is run only once in the script is just overhead, no? Or can it actually re-use the same cached statement from a different connection by some magical matching up of the context??? Doesn't seem like the kind of thing that would be workable, but what do I know? Now if you said "... allows the DB to cold-stop any SQL injection" you'd be 100% right. :-) So MikeP should really consider using prepared statements for that reason, as it lets the DB do the escaping. PS I think MikeP is saying he writes the code once and gets it working, then goes back and adds the escaping in later. This is fine if you ALWAYS remember to do that, but in a frenzy to release under pressure... Bad Idea! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
On Wed, Jan 14, 2009 at 8:41 AM, MikeP wrote: > Thanks, Thats the kind of help I was looking for. > Mike > wrote in message > news:20090114162142.65944.qm...@o2.hostbaby.com... > > > > You can only interpolate ONE level of array or object indirection in a > > string. > > > > WORKS: > > "... $foo[x] ..." > > "... $foo->x ..." > > > > FAILS: > > "... $foo[x][y] ..." > > "... $foo->x->y ..." //almost for sure it fails, never tried... > > > > You can use curly braces in side a string to evaluate something: > > > > WORKS: > > "... {$foo[x][y]} ..." > > "... {$foo->x->y} ..." > > > > [soapbox] > > I personally think this is possibly the ugliest wart of variable/string > > interpolation. > > > > Not sure how/why it came about, but it makes zero sense, really... > > [/soapbox] > > > > ymmv > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Doesn't anybody use prepared statements these days? It even helps MySQL AND Oracle cache an execution plan... -- Kyle Terry | www.kyleterry.com
Re: [PHP] Quotes in querys
Thanks, Thats the kind of help I was looking for. Mike wrote in message news:20090114162142.65944.qm...@o2.hostbaby.com... > > You can only interpolate ONE level of array or object indirection in a > string. > > WORKS: > "... $foo[x] ..." > "... $foo->x ..." > > FAILS: > "... $foo[x][y] ..." > "... $foo->x->y ..." //almost for sure it fails, never tried... > > You can use curly braces in side a string to evaluate something: > > WORKS: > "... {$foo[x][y]} ..." > "... {$foo->x->y} ..." > > [soapbox] > I personally think this is possibly the ugliest wart of variable/string > interpolation. > > Not sure how/why it came about, but it makes zero sense, really... > [/soapbox] > > ymmv > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
On Wed, Jan 14, 2009 at 11:34 AM, MikeP wrote: > > ""Eric Butera"" wrote in message > news:6a8639eb0901140825h1d603d01i3ffcce919dca6...@mail.gmail.com... >> On Wed, Jan 14, 2009 at 11:17 AM, MikeP wrote: >>> Hello, >>> I am trying to get the following to work: >>> "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'" >>> Netid is a string type. >>> No matter where of if I put the quotes, I still get array[phpCAS] not the >>> value. >>> If there is anything I still have trouble with after all these years its >>> quoting variables. >>> Help? >>> Thanks >>> Mike >>> >>> >>> >>> -- >>> PHP General Mailing List (http://www.php.net/) >>> To unsubscribe, visit: http://www.php.net/unsub.php >>> >>> >> >> Dude we just helped you with this same exact thing the other day. And >> you're still allowing SQL injection. > > No, actually I test my querys first and then wrap them in > mysql_real_escape_string(). > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Mike, Well to be fair, I don't see any escaping in "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'". You could write: $sql = sprintf( "Select Netid from Users where Netid = '%s'", mysql_real_escape_string($_SESSION['phpCAS']['user']) ); and not have any of these problems. If you're escaping outside of that statement, then it's potentially tainting your data. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
""Eric Butera"" wrote in message news:6a8639eb0901140825h1d603d01i3ffcce919dca6...@mail.gmail.com... > On Wed, Jan 14, 2009 at 11:17 AM, MikeP wrote: >> Hello, >> I am trying to get the following to work: >> "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'" >> Netid is a string type. >> No matter where of if I put the quotes, I still get array[phpCAS] not the >> value. >> If there is anything I still have trouble with after all these years its >> quoting variables. >> Help? >> Thanks >> Mike >> >> >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> > > Dude we just helped you with this same exact thing the other day. And > you're still allowing SQL injection. No, actually I test my querys first and then wrap them in mysql_real_escape_string(). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
On Wed, Jan 14, 2009 at 11:17 AM, MikeP wrote: > Hello, > I am trying to get the following to work: > "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'" > Netid is a string type. > No matter where of if I put the quotes, I still get array[phpCAS] not the > value. > If there is anything I still have trouble with after all these years its > quoting variables. > Help? > Thanks > Mike > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Dude we just helped you with this same exact thing the other day. And you're still allowing SQL injection. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
You can only interpolate ONE level of array or object indirection in a string. WORKS: "... $foo[x] ..." "... $foo->x ..." FAILS: "... $foo[x][y] ..." "... $foo->x->y ..." //almost for sure it fails, never tried... You can use curly braces in side a string to evaluate something: WORKS: "... {$foo[x][y]} ..." "... {$foo->x->y} ..." [soapbox] I personally think this is possibly the ugliest wart of variable/string interpolation. Not sure how/why it came about, but it makes zero sense, really... [/soapbox] ymmv -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in querys
I am trying to get the following to work: "Select Netid from Users where Netid = '$_SESSION[phpCAS][user]'" Netid is a string type. No matter where of if I put the quotes, I still get array[phpCAS] not the value. Maybe try this : $q = 'Select Netid from Users where Netid = "' . $_SESSION[phpCAS][user] . '"'; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes?
Am 2006-09-05 23:12:43, schrieb Gustav Wiberg: > I want to save this to a string... > >
Re: [PHP] Quotes?
On 9/6/06, Gustav Wiberg <[EMAIL PROTECTED]> wrote: I want to save this to a string... var uri = 'http://impse.tradedoubler.com/imp/img/16352388/1122503?' + new String (Math.random()).substring (2, 11); document.write('http://clk.tradedoubler.com/click?p=48859&a=1122503&g=16352388"; target="_blank">'); How could i type? I've tried with ' and ".. but can't get it to work. tested diffrent types.. $str = '';
this should work. $str = 'var uri = 'http://impse.tradedoubler.com/imp/js/16350344/1122503?' +
new String (Math.random()).substring (2, 11);';
$str .= 'var uri = \'http://impse.tradedoubler.com/imp/js/16350344/1122503?\' + new String (Math.random()).substring (2, 11);'; $str = ""document.write('');""; charset="ISO-8859-1">
$str .= "\"document.write('');\""; $str = ; $str .= "\"\""; Best regards /Gustav Wiberg Stammis Internet -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php * use (.) dot to add another value to a string: e.g. $var = 'hello'; $var .= ' world'; echo $var; // hello world $var = 'foo' . ' bar'; echo $var; // foo bar * learn to escape character. hth, john -- GMail Rocks!!!
Re: [PHP] Quotes?
Or use a heredoc? -- http://www.web-buddha.co.uk http://www.projectkarma.co.uk
Re: [PHP] Quotes?
On Tue, 5 Sep 2006, Gustav Wiberg wrote: I want to save this to a string...var uri = 'http://impse.tradedoubler.com/imp/img/16352388/1122503?' + new String (Math.random()).substring (2, 11); document.write('href="http://clk.tradedoubler.com/click?p=48859&a=1122503&g=16352388"; target="_blank">');How could i type? Escape " and ', like this: \" and \'. -- 21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18 - Lic. Martín Marqués | SELECT 'mmarques' || Centro de Telemática| '@' || 'unl.edu.ar'; Universidad Nacional| DBA, Programador, del Litoral | Administrador - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes """ in form textarea fields
Andrew Kreps wrote: I'd like to add that you can also use the following syntax for textarea fields: which may also get you past the quoting problem. You mean you can use: unless you prefer depreciated code and cross site scripting vulnerabilities... http://www.w3.org/TR/html4/interact/forms.html#input-control-types http://www.w3.org/TR/html4/interact/forms.html#h-17.4 -- ---John Holmes... Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/ php|architect: The Magazine for PHP Professionals – www.phparch.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes """ in form textarea fields
On Fri, 08 Oct 2004 06:22:22 -0700, Sam Smith <[EMAIL PROTECTED]> wrote: > Then from FROM2.php we Submit BACK to FROM1.php and enter it back into the > textarea field with: > which may also get you past the quoting problem. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes """ in form textarea fields
> A user enters in a textarea field of FORM1.php: > Bob is "high" > > Submitted to FROM2.php we get: > > Bob is \"high\" > Tha't's normal beacuse you have magic_quotes_gpc_on > In a hidden field in FROM2.php we store the value: > Then from FROM2.php we Submit BACK to FROM1.php and enter it back into the > textarea field with: > Because of that the atribute value will end at the first closeing quotes and will show only the string to that "closing" quotes. You can solve this by using the htmlspecialchars() or htmlentities() functions: $APParea1 = htmspecialchars(stripslashes($_POST['textarea'])); or can be done that other way: $APParea1 = htmlentities(stripslashes($_POST['textarea'])); Choose one or other function depending of your needs. Hope this helps. Regards, Jordi. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes """ in form textarea fields
Sam Smith wrote: I swear I googled for an hour first. A user enters in a textarea field of FORM1.php: Bob is "high" Submitted to FROM2.php we get: Bob is \"high\" In a hidden field in FROM2.php we store the value: So it looks: (hope this is what you meant) You forgot ending quote, but that does not matter now. You need to convert quotes and other special html chars to their html entities, using htmlentities() function -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes """ in form textarea fields
On Fri, 2004-10-08 at 06:22 -0700, Sam Smith wrote: > I swear I googled for an hour first. > > > A user enters in a textarea field of FORM1.php: > Bob is "high" > > Submitted to FROM2.php we get: > > Bob is \"high\" > > In a hidden field in FROM2.php we store the value: > Then from FROM2.php we Submit BACK to FROM1.php and enter it back into the > textarea field with: > > and then back by putting this in FORM1.php: > $APParea1 = $_POST['hidden']; > $APParea1 = str_replace("[QT]","\"",$APParea1); > > signature.asc Description: This is a digitally signed message part
Re: [PHP] quotes in text.
> Ok then, I want to know how to do it the right way but just using > $_POST['text'], as stated before, in my query still cuts off the text at > the quote. > > While passing this field between pages I don't do anything to it but when > I want to show it to the user I would use stripslashes($_POST['text']). Is > this the correct way to make sure my quotes get passed into the database? First I would turn off magic_quotes_gpc. I would use sessions to pass the data from step 1 to the end, much easier imho than messing around with hidden fields. When you store the data in the database use make sure you escape it, when you redisplay it, use the htmlentities function. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in text.
On Fri, 16 Jul 2004, John W. Holmes wrote: > Ed Curtis wrote: > > On Fri, 16 Jul 2004, Justin Patrin wrote: > >>This is why he said: "Since you seem to have magic_quotes_gpc enabled, > >>you can put the value directly into your query." > >> > >>You shouldn't use htmlentities when putting it into the DB. Use it > >>when displaying the text. > > > > I tried it both ways and it only works correctly when I do use > > htmlentities($_POST['text']) in my insert query. I'm not showing the text > > to the user on page 3 at all. > > Well, if you're happy with it "just working" and not knowing why or how > it's going to break in the future... have fun. > Ok then, I want to know how to do it the right way but just using $_POST['text'], as stated before, in my query still cuts off the text at the quote. While passing this field between pages I don't do anything to it but when I want to show it to the user I would use stripslashes($_POST['text']). Is this the correct way to make sure my quotes get passed into the database? Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in text.
Ed Curtis wrote: On Fri, 16 Jul 2004, Justin Patrin wrote: This is why he said: "Since you seem to have magic_quotes_gpc enabled, you can put the value directly into your query." You shouldn't use htmlentities when putting it into the DB. Use it when displaying the text. I tried it both ways and it only works correctly when I do use htmlentities($_POST['text']) in my insert query. I'm not showing the text to the user on page 3 at all. Well, if you're happy with it "just working" and not knowing why or how it's going to break in the future... have fun. -- ---John Holmes... Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/ php|architect: The Magazine for PHP Professionals – www.phparch.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in text.
On Fri, 16 Jul 2004, Justin Patrin wrote: > This is why he said: "Since you seem to have magic_quotes_gpc enabled, > you can put the value directly into your query." > > You shouldn't use htmlentities when putting it into the DB. Use it > when displaying the text. I tried it both ways and it only works correctly when I do use htmlentities($_POST['text']) in my insert query. I'm not showing the text to the user on page 3 at all. Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in text.
On Fri, 16 Jul 2004 11:58:55 -0500 (EST), Ed Curtis <[EMAIL PROTECTED]> wrote: > > > > On Fri, 16 Jul 2004, John W. Holmes wrote: > > > Let's say you have $_POST['text'] from the user. > > > > To display the value back to the user with magic_quotes_enabled, you'd > > do this: > > > > echo htmlentities(stripslashes($_POST['text'])); > > > > To put the value into a hidden form element, you'd do this: > > > > > value=""> > > > > Now, $_POST['text'] will come out correctly on Page 3. Since you seem to > > have magic_quotes_gpc enabled, you can put the value directly into your > > query. > > Actually when I tried the above example nothing was entered into the > database. This worked.. htmlentities($_POST['text']). > This is why he said: "Since you seem to have magic_quotes_gpc enabled, you can put the value directly into your query." You shouldn't use htmlentities when putting it into the DB. Use it when displaying the text. -- DB_DataObject_FormBuilder - The database at your fingertips http://pear.php.net/package/DB_DataObject_FormBuilder paperCrane --Justin Patrin-- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in text.
On Fri, 16 Jul 2004, John W. Holmes wrote: > Let's say you have $_POST['text'] from the user. > > To display the value back to the user with magic_quotes_enabled, you'd > do this: > > echo htmlentities(stripslashes($_POST['text'])); > > To put the value into a hidden form element, you'd do this: > > value=""> > > Now, $_POST['text'] will come out correctly on Page 3. Since you seem to > have magic_quotes_gpc enabled, you can put the value directly into your > query. Actually when I tried the above example nothing was entered into the database. This worked.. htmlentities($_POST['text']). Thanks, Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in text.
Ed Curtis wrote: I'm having some difficulty with quotation marks, both single and double, input via a textarea in a form. Here's and example of text. Trying out the "Special Character" thing. Page 1 is the form. Page 2 is the data shown back to the user. original POST data is not touched. NO stripslashes original typed text is show to the user by stripslashes($thistext) original POST data is transferred to next page via hidden input field without stripping slashes. Page 3 posts the data to a MySQL database. original POST data is not touched. No stipslashes. Text gets cut off in database (Trying out the) What exactly do I need to do to the text so that any quotation marks (single or double) get input into the database. Let's say you have $_POST['text'] from the user. To display the value back to the user with magic_quotes_enabled, you'd do this: echo htmlentities(stripslashes($_POST['text'])); To put the value into a hidden form element, you'd do this: Now, $_POST['text'] will come out correctly on Page 3. Since you seem to have magic_quotes_gpc enabled, you can put the value directly into your query. -- ---John Holmes... Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/ php|architect: The Magazine for PHP Professionals – www.phparch.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Tue, 28 Oct 2003 22:28:12 -0800 Evan Nemerson <[EMAIL PROTECTED]> wrote: > On Wednesday 29 October 2003 12:30 am, - Edwin - wrote: > > On Tue, 28 Oct 2003 22:05:56 -0800 > > > > Evan Nemerson <[EMAIL PROTECTED]> wrote: > > > On Tuesday 28 October 2003 11:59 pm, - Edwin - wrote: > > > > Hi, > > > > > > > > On Wed, 29 Oct 2003 02:10:49 -0500 > > > > > > > > Leif K-Brooks <[EMAIL PROTECTED]> wrote: > > > > > Curt Zirzow wrote: > > > > > >Try reversing the quotes: > > > > > > error_prepend_string = ""; > > > > > > > > > > Not valid XHTML (not sure if it's even valid HTML). > > > > > > > > Why not? > > > > > > Because W3C says so. The closest thing I found to an > > > answer is http://www.w3.org/TR/xhtml1/#h-4.4 although I > > > really didn't dig deeply. validator.w3.org doesn't like > > > it, tidy doesn't like it. Opera doesn't like it. > > > > What "it"? > > The it we're talking about- an HTML entity masquerading as > a quote around an attribute. > > ?? Look up again and you'll see the Curt was talking about "reversing the quotes" and nothing about "entity masqueraders" ;) - E - __ Do You Yahoo!? Yahoo! BB is Broadband by Yahoo! http://bb.yahoo.co.jp/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Wed, 29 Oct 2003 03:29:13 -0500 Leif K-Brooks <[EMAIL PROTECTED]> wrote: > - Edwin - wrote: > > >Interesting. Where? > > > > > www.w3.org ? Sorry, *won't* find it there... In fact, a quick Google search gives you this: http://www.w3.org/TR/REC-html32 [quote] Attribute values can be quoted using double or single quote marks (ASCII decimal 34 and 39 respectively). Single quote marks can be included within the attribute value when the value is delimited by double quote marks, and vice versa. [/quote] Similar info can be found here: http://www.w3.org/TR/html401/html40.txt I'm sure the above applies to XHTML as well. Curt pointed this out earlier and, yes, using 'single quotes' (which is what this portion of this thread is all about) is valid (X)HTML. In fact, it even validates as XHTML "Strict". - E - __ Do You Yahoo!? Yahoo! BB is Broadband by Yahoo! http://bb.yahoo.co.jp/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
* Thus wrote Leif K-Brooks ([EMAIL PROTECTED]): > Curt Zirzow wrote: > > >Try reversing the quotes: > >error_prepend_string = ""; > > > > > Not valid XHTML (not sure if it's even valid HTML). Sure it is, the quote character can be either ' or " and will validate perfectly fine at w3c. now the font tag, thats a whole different issue. http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";> validate this perfectly fine Curt -- "My PHP key is worn out" PHP List stats since 1997: http://zirzow.dyndns.org/html/mlists/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Wednesday 29 October 2003 12:30 am, - Edwin - wrote: > On Tue, 28 Oct 2003 22:05:56 -0800 > > Evan Nemerson <[EMAIL PROTECTED]> wrote: > > On Tuesday 28 October 2003 11:59 pm, - Edwin - wrote: > > > Hi, > > > > > > On Wed, 29 Oct 2003 02:10:49 -0500 > > > > > > Leif K-Brooks <[EMAIL PROTECTED]> wrote: > > > > Curt Zirzow wrote: > > > > >Try reversing the quotes: > > > > > error_prepend_string = ""; > > > > > > > > Not valid XHTML (not sure if it's even valid HTML). > > > > > > Why not? > > > > Because W3C says so. The closest thing I found to an answer > > is http://www.w3.org/TR/xhtml1/#h-4.4 although I really > > didn't dig deeply. validator.w3.org doesn't like it, tidy > > doesn't like it. Opera doesn't like it. > > What "it"? The it we're talking about- an HTML entity masquerading as a quote around an attribute. > > - E - > > ...[snip]... > __ > Do You Yahoo!? > Yahoo! BB is Broadband by Yahoo! > http://bb.yahoo.co.jp/ -- Evan Nemerson [EMAIL PROTECTED] -- "There is a certain right by which we may deprive a man of life, but none by which we may deprive him of death." -Nietzsche -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
- Edwin - wrote: Interesting. Where? www.w3.org -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Tue, 28 Oct 2003 22:05:56 -0800 Evan Nemerson <[EMAIL PROTECTED]> wrote: > On Tuesday 28 October 2003 11:59 pm, - Edwin - wrote: > > Hi, > > > > On Wed, 29 Oct 2003 02:10:49 -0500 > > > > Leif K-Brooks <[EMAIL PROTECTED]> wrote: > > > Curt Zirzow wrote: > > > >Try reversing the quotes: > > > > error_prepend_string = ""; > > > > > > Not valid XHTML (not sure if it's even valid HTML). > > > > Why not? > > Because W3C says so. The closest thing I found to an answer > is http://www.w3.org/TR/xhtml1/#h-4.4 although I really > didn't dig deeply. validator.w3.org doesn't like it, tidy > doesn't like it. Opera doesn't like it. What "it"? - E - ...[snip]... __ Do You Yahoo!? Yahoo! BB is Broadband by Yahoo! http://bb.yahoo.co.jp/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Wed, 29 Oct 2003 03:22:54 -0500 Leif K-Brooks <[EMAIL PROTECTED]> wrote: > - Edwin - wrote: > > >Why not? > > > > > Because that's what the standard says. Interesting. Where? - E - __ Do You Yahoo!? Yahoo! BB is Broadband by Yahoo! http://bb.yahoo.co.jp/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
- Edwin - wrote: Why not? Because that's what the standard says. -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Tuesday 28 October 2003 11:59 pm, - Edwin - wrote: > Hi, > > On Wed, 29 Oct 2003 02:10:49 -0500 > > Leif K-Brooks <[EMAIL PROTECTED]> wrote: > > Curt Zirzow wrote: > > >Try reversing the quotes: > > > error_prepend_string = ""; > > > > Not valid XHTML (not sure if it's even valid HTML). > > Why not? Because W3C says so. The closest thing I found to an answer is http://www.w3.org/TR/xhtml1/#h-4.4 although I really didn't dig deeply. validator.w3.org doesn't like it, tidy doesn't like it. Opera doesn't like it. I don't have IE, and am too lazy to boot up a gecko-powered browser. Even if it _is_ valid (which I really don't think is the case), it's not usable. I sincerely doubt any parsers will figure it out. > > - E - > __ > Do You Yahoo!? > Yahoo! BB is Broadband by Yahoo! > http://bb.yahoo.co.jp/ -- Evan Nemerson [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
Hi, On Wed, 29 Oct 2003 02:10:49 -0500 Leif K-Brooks <[EMAIL PROTECTED]> wrote: > Curt Zirzow wrote: > > >Try reversing the quotes: > > error_prepend_string = ""; > > > > > Not valid XHTML (not sure if it's even valid HTML). Why not? - E - __ Do You Yahoo!? Yahoo! BB is Broadband by Yahoo! http://bb.yahoo.co.jp/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Tuesday 28 October 2003 10:46 pm, [EMAIL PROTECTED] wrote: > Evan Nemerson wrote: > >Is anyone aware of a way to get double quotes in the php.ini file? For > >instance, I'd like to be able to set error_prepend_string to " >color=\"#ff\">" (which doesn't work). > > > >The only work-around I can think of is doing ini_set()'s in an > >auto_prepend_file, and that's not acceptable for my purposes. > > Try using " to replace double quote Not valid (X)HTML, but it gets past the lexer. -- Evan Nemerson [EMAIL PROTECTED] -- "A popular government, without popular information, or the means of acquiring it, is but a Prologue to a Farce or a Tragedy - or perhaps both. Knowledge will forever govern ignorance, and a people who mean to be their own Governors must arm themselves with the power which knowledge gives." -James Madison -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Tuesday 28 October 2003 11:10 pm, Leif K-Brooks wrote: > Curt Zirzow wrote: > >Try reversing the quotes: > > error_prepend_string = ""; > > Not valid XHTML (not sure if it's even valid HTML). Yup. I've got the highlight_file thing from earlier working with ini entries, and I'm wondering how people are going to specify colour. I've even checked on HTML entities... Just trying to cover my bases before I send to internals@ Any other ideas? -- Evan Nemerson [EMAIL PROTECTED] -- "A popular government, without popular information, or the means of acquiring it, is but a Prologue to a Farce or a Tragedy - or perhaps both. Knowledge will forever govern ignorance, and a people who mean to be their own Governors must arm themselves with the power which knowledge gives." -James Madison -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
Curt Zirzow wrote: Try reversing the quotes: error_prepend_string = ""; Not valid XHTML (not sure if it's even valid HTML). -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
* Thus wrote Evan Nemerson ([EMAIL PROTECTED]): > On Tuesday 28 October 2003 11:29 pm, Rolf Brusletto wrote: > > Evan Nemerson wrote: > > >Is anyone aware of a way to get double quotes in the php.ini file? For > > >instance, I'd like to be able to set error_prepend_string to " > >color=\"#ff\">" (which doesn't work). > > > > > >The only work-around I can think of is doing ini_set()'s in an > > >auto_prepend_file, and that's not acceptable for my purposes. > > > > Why not use single quotes around the actual setting.. i.e. > > Because I get a parse error. Does it work for you? If so, what version of PHP > are you using??? Try reversing the quotes: error_prepend_string = ""; Curt -- "My PHP key is worn out" PHP List stats since 1997: http://zirzow.dyndns.org/html/mlists/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
On Tuesday 28 October 2003 11:29 pm, Rolf Brusletto wrote: > Evan Nemerson wrote: > >Is anyone aware of a way to get double quotes in the php.ini file? For > >instance, I'd like to be able to set error_prepend_string to " >color=\"#ff\">" (which doesn't work). > > > >The only work-around I can think of is doing ini_set()'s in an > >auto_prepend_file, and that's not acceptable for my purposes. > > Why not use single quotes around the actual setting.. i.e. Because I get a parse error. Does it work for you? If so, what version of PHP are you using??? > > error_prepend_string = ''; > > Rolf Brusletto > www.phpexamples.net -- Evan Nemerson [EMAIL PROTECTED] -- "If anyone can show me, and prove to me, that I am wrong in thought or deed, I will gladly change. I seek the truth, which never yet hurt anybody. It is only persistence in self-delusion and ignorance which does harm." -Marcus Aurelius -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
Evan Nemerson wrote: >Is anyone aware of a way to get double quotes in the php.ini file? For >instance, I'd like to be able to set error_prepend_string to "color=\"#ff\">" (which doesn't work). > >The only work-around I can think of is doing ini_set()'s in an >auto_prepend_file, and that's not acceptable for my purposes. > > Try using " to replace double quote -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes in php.ini
Evan Nemerson wrote: Is anyone aware of a way to get double quotes in the php.ini file? For instance, I'd like to be able to set error_prepend_string to "" (which doesn't work). The only work-around I can think of is doing ini_set()'s in an auto_prepend_file, and that's not acceptable for my purposes. Why not use single quotes around the actual setting.. i.e. error_prepend_string = ''; Rolf Brusletto www.phpexamples.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in regular expressions
That may be why! It's the htmlspecialchars() that is the issue.. The signle quote get convert into this, not sure if this apply to your situation though. --snip-- Reference : Special Characters in HTML left single quote ‘ ' right single quote ’ ' --snip-- "Thaddeus J. Quintin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > The biggest part of my problem was that I had already called > "htmlspecialchars" on the string, so there was no quotes to match! > > Duh. > > Even after I fixed that it was still turning into a hassle, so I just > made two checks, one for single quotes, and, failing that, one for > double quotes. > > not the prettiest answer, but I put good comments around it! > > Thaddeus > > Scott Fletcher wrote: > > > Try parsing it as a string where the double quote would become a string. > > See if that help. (Parse the whole characters into strings then find the > > double quote.) > > > > "Thaddeus J. Quintin" <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED] > > > >>-- SNIP -- > >> > If single-quoting (better, if you don't variable interpolation) you > >>don't even need to escape the backslashes, so: > >> > > >> > $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; > >>-- SNIP -- > >> > >>nope, not quite... > >>Here's what I've got- > >> > >>$pattern='/\bsrc=([\'|"])([^\1])*[\1]/im'; > >> > >>the string that's coming in is- > >>http://www.mydomain.net/templates/images/somepicture.gif"; > >>ALT="letter" BORDER="0" ALIGN="CENTER"> > >> > >>That's no newline or anything like that within the code (even with the > >>'m' option, i've had previous problems with that before), and I can > >>simplify the expression and grab everything including the quotes, so I'm > >>really not sure what's failing. > >> > >>Thanks- > >>Thaddeus > >> > >>Ford, Mike [LSS] wrote: > >> > >> > >>>On 21 August 2003 17:03, Thaddeus J. Quintin wrote: > >>> > >>> > >>> > Lets say I'm trying to extract some data from an HTML > document. I want > to get the values of the 'src' attributes of various tags. > > For example- > http://www.yahoo.com";> > > here's the pattern I've been trying- > > /\bsrc=(['|"])[^\\1]*[\\1]/im > > Basically, match the 'src=' followed by some type of quote, followed > by stuff that's not the quote originally matched, followed by > the same quote. > > But, obviously, I can't run this, because the quotes in the pattern > close off the string I'm trying to create. > > Are there ways of working with quotes? > >>> > >>> > >>>Just escape the quote like you've escaped the backslashes. > >>> > >>>If double-quoting: > >>> > >>>$pattern = "/\bsrc=(['|\"])[^\\1]*[\\1]/im"; > >>> > >>>If single-quoting (better, if you don't variable interpolation) you > > > > don't even need to escape the backslashes, so: > > > >>>$pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; > >>> > >>>Cheers! > >>> > >>>Mike > >>> > >>>- > >>>Mike Ford, Electronic Information Services Adviser, > >>>Learning Support Services, Learning & Information Services, > >>>JG125, James Graham Building, Leeds Metropolitan University, > >>>Beckett Park, LEEDS, LS6 3QS, United Kingdom > >>>Email: [EMAIL PROTECTED] > >>>Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 > >>> > >> > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in regular expressions
The biggest part of my problem was that I had already called "htmlspecialchars" on the string, so there was no quotes to match! Duh. Even after I fixed that it was still turning into a hassle, so I just made two checks, one for single quotes, and, failing that, one for double quotes. not the prettiest answer, but I put good comments around it! Thaddeus Scott Fletcher wrote: Try parsing it as a string where the double quote would become a string. See if that help. (Parse the whole characters into strings then find the double quote.) "Thaddeus J. Quintin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] -- SNIP -- > If single-quoting (better, if you don't variable interpolation) you don't even need to escape the backslashes, so: > > $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; -- SNIP -- nope, not quite... Here's what I've got- $pattern='/\bsrc=([\'|"])([^\1])*[\1]/im'; the string that's coming in is- http://www.mydomain.net/templates/images/somepicture.gif"; ALT="letter" BORDER="0" ALIGN="CENTER"> That's no newline or anything like that within the code (even with the 'm' option, i've had previous problems with that before), and I can simplify the expression and grab everything including the quotes, so I'm really not sure what's failing. Thanks- Thaddeus Ford, Mike [LSS] wrote: On 21 August 2003 17:03, Thaddeus J. Quintin wrote: Lets say I'm trying to extract some data from an HTML document. I want to get the values of the 'src' attributes of various tags. For example- http://www.yahoo.com";> here's the pattern I've been trying- /\bsrc=(['|"])[^\\1]*[\\1]/im Basically, match the 'src=' followed by some type of quote, followed by stuff that's not the quote originally matched, followed by the same quote. But, obviously, I can't run this, because the quotes in the pattern close off the string I'm trying to create. Are there ways of working with quotes? Just escape the quote like you've escaped the backslashes. If double-quoting: $pattern = "/\bsrc=(['|\"])[^\\1]*[\\1]/im"; If single-quoting (better, if you don't variable interpolation) you don't even need to escape the backslashes, so: $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in regular expressions
Try parsing it as a string where the double quote would become a string. See if that help. (Parse the whole characters into strings then find the double quote.) "Thaddeus J. Quintin" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > -- SNIP -- > > If single-quoting (better, if you don't variable interpolation) you > don't even need to escape the backslashes, so: > > > > $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; > -- SNIP -- > > nope, not quite... > Here's what I've got- > > $pattern='/\bsrc=([\'|"])([^\1])*[\1]/im'; > > the string that's coming in is- > http://www.mydomain.net/templates/images/somepicture.gif"; > ALT="letter" BORDER="0" ALIGN="CENTER"> > > That's no newline or anything like that within the code (even with the > 'm' option, i've had previous problems with that before), and I can > simplify the expression and grab everything including the quotes, so I'm > really not sure what's failing. > > Thanks- > Thaddeus > > Ford, Mike [LSS] wrote: > > > On 21 August 2003 17:03, Thaddeus J. Quintin wrote: > > > > > >>Lets say I'm trying to extract some data from an HTML > >>document. I want > >>to get the values of the 'src' attributes of various tags. > >> > >>For example- > >>http://www.yahoo.com";> > >> > >>here's the pattern I've been trying- > >> > >>/\bsrc=(['|"])[^\\1]*[\\1]/im > >> > >>Basically, match the 'src=' followed by some type of quote, followed > >>by stuff that's not the quote originally matched, followed by > >>the same quote. > >> > >>But, obviously, I can't run this, because the quotes in the pattern > >>close off the string I'm trying to create. > >> > >>Are there ways of working with quotes? > > > > > > Just escape the quote like you've escaped the backslashes. > > > > If double-quoting: > > > > $pattern = "/\bsrc=(['|\"])[^\\1]*[\\1]/im"; > > > > If single-quoting (better, if you don't variable interpolation) you don't even need to escape the backslashes, so: > > > > $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; > > > > Cheers! > > > > Mike > > > > - > > Mike Ford, Electronic Information Services Adviser, > > Learning Support Services, Learning & Information Services, > > JG125, James Graham Building, Leeds Metropolitan University, > > Beckett Park, LEEDS, LS6 3QS, United Kingdom > > Email: [EMAIL PROTECTED] > > Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Quotes in regular expressions
-- SNIP -- > If single-quoting (better, if you don't variable interpolation) you don't even need to escape the backslashes, so: > > $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; -- SNIP -- nope, not quite... Here's what I've got- $pattern='/\bsrc=([\'|"])([^\1])*[\1]/im'; the string that's coming in is- http://www.mydomain.net/templates/images/somepicture.gif"; ALT="letter" BORDER="0" ALIGN="CENTER"> That's no newline or anything like that within the code (even with the 'm' option, i've had previous problems with that before), and I can simplify the expression and grab everything including the quotes, so I'm really not sure what's failing. Thanks- Thaddeus Ford, Mike [LSS] wrote: On 21 August 2003 17:03, Thaddeus J. Quintin wrote: Lets say I'm trying to extract some data from an HTML document. I want to get the values of the 'src' attributes of various tags. For example- http://www.yahoo.com";> here's the pattern I've been trying- /\bsrc=(['|"])[^\\1]*[\\1]/im Basically, match the 'src=' followed by some type of quote, followed by stuff that's not the quote originally matched, followed by the same quote. But, obviously, I can't run this, because the quotes in the pattern close off the string I'm trying to create. Are there ways of working with quotes? Just escape the quote like you've escaped the backslashes. If double-quoting: $pattern = "/\bsrc=(['|\"])[^\\1]*[\\1]/im"; If single-quoting (better, if you don't variable interpolation) you don't even need to escape the backslashes, so: $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Quotes in regular expressions
On 21 August 2003 17:03, Thaddeus J. Quintin wrote: > Lets say I'm trying to extract some data from an HTML > document. I want > to get the values of the 'src' attributes of various tags. > > For example- > http://www.yahoo.com";> > > here's the pattern I've been trying- > > /\bsrc=(['|"])[^\\1]*[\\1]/im > > Basically, match the 'src=' followed by some type of quote, followed > by stuff that's not the quote originally matched, followed by > the same quote. > > But, obviously, I can't run this, because the quotes in the pattern > close off the string I'm trying to create. > > Are there ways of working with quotes? Just escape the quote like you've escaped the backslashes. If double-quoting: $pattern = "/\bsrc=(['|\"])[^\\1]*[\\1]/im"; If single-quoting (better, if you don't variable interpolation) you don't even need to escape the backslashes, so: $pattern = '/\bsrc=([\'|"])[^\1]*[\1]/im'; Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] quotes
> -Original Message- > From: Lso . [mailto:[EMAIL PROTECTED] > Sent: 25 June 2003 18:32 > > ok i see why i didnt work but i dont know why. > > can anyone tell me why this works: > > > > but this doesn't: > > echo ""; Because by default htmlentities will convert double quotes but not single ones -- if you convert the second one to use double quotes in the HTML (like the first one), it should work: echo ''; Or you could use the optional 2nd parameter to htmlentities to make it convert single quotes as well -- the following is a quote from the manual page at http://www.php.net/htmlentities: > the optional second quote_style parameter lets you define what will > be done with 'single' and "double" quotes. It takes on one of three > constants with the default being ENT_COMPAT: > > Constant Name Description > ENT_COMPAT Will convert double-quotes and leave single-quotes > alone. > ENT_QUOTES Will convert both double and single quotes. > ENT_NOQUOTESWill leave both double and single quotes unconverted. Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
LOL my mistake jason I should have paid more attention - Original Message - From: "Jason Wong" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, June 25, 2003 12:26 PM Subject: Re: [PHP] quotes > On Thursday 26 June 2003 01:33, Chris Sherwood wrote: > > > I dont know what you were thinking but this is in a php list > > > > when you render html with php and you want double quotes in the html you > > MUST escape them > > > > otherwise you dont use double quotes > > Sorry, it was the context of the thing: > > > > > > > ie input type=\"text\" > > As that snippet was on its own without any preceeding echo or print statement > I had assumed that that was plain HTML. > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.biz > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > -- > Search the list archives before you post > http://marc.theaimsgroup.com/?l=php-general > -- > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
On Thursday 26 June 2003 01:33, Chris Sherwood wrote: > I dont know what you were thinking but this is in a php list > > when you render html with php and you want double quotes in the html you > MUST escape them > > otherwise you dont use double quotes Sorry, it was the context of the thing: > > > > > ie input type=\"text\" As that snippet was on its own without any preceeding echo or print statement I had assumed that that was plain HTML. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
--- "Lso ." <[EMAIL PROTECTED]> wrote: > ok i see why i didnt work but i dont know why. > > can anyone tell me why this works: > > > > but this doesn't: > > echo ""; It works for me, at least it does what I think you mean it to do. I'm not a big fan of single-quoted attributes in HTML, but it should be fine. What doesn't work for you? Chris = Become a better Web developer with the HTTP Developer's Handbook http://httphandbook.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Jason I dont know what you were thinking but this is in a php list when you render html with php and you want double quotes in the html you MUST escape them otherwise you dont use double quotes - Original Message - From: "Jason Wong" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, June 25, 2003 9:58 AM Subject: Re: [PHP] quotes > On Thursday 26 June 2003 00:02, Chris Sherwood wrote: > > well thats seems unlikely as I do it all the time.. > > > > how ever I am not going to argue p's and q's ... > > if it doesnt work for him it doesnt work > > > > - Original Message - > > From: "Adam Voigt" <[EMAIL PROTECTED]> > > To: "Chris Sherwood" <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Wednesday, June 25, 2003 9:04 AM > > Subject: Re: [PHP] quotes > > > > > Umm, in his first email, he specifically said all the quotes > > > were already escaped with slashes and it didn't help. > > > > > > On Wed, 2003-06-25 at 11:50, Chris Sherwood wrote: > > > > or you would escape the quote by putting a \ in front of it that way > > > > the engine knows to "write" the quote. > > > > > > > > ie input type=\"text\" > > HTML doesn't need (indeed, want) slashes in front of quotes. > > -- > Jason Wong -> Gremlins Associates -> www.gremlins.biz > Open Source Software Systems Integrators > * Web Design & Hosting * Internet & Intranet Applications Development * > -- > Search the list archives before you post > http://marc.theaimsgroup.com/?l=php-general > -- > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
im stupid. it works. so sorry. htmlentities did the trick. i had a chunk of code lingering from a former attempt at fixing it that screwed it all up. thanks again everyone. Lucas _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
When you view the html source is all of the text including the quotes there? >>> "Lso ." <[EMAIL PROTECTED]> 06/25/03 12:06PM >>> go ahead an try it. the quote is quite clearly in the database, but when i try to put it back in a form field everything is cut off after the quote. and i tried stripslashed, and htmlentities, and htmlspecialchars. i would turn magic quotes on, but im afaid it might mess something else up. there is too much stuff running on this serever to take that risk. Lucas Owens www.lucasowens.com www.technoiraudio.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
here ya go: function dbconnect(){ $dbh=mysql_connect ("**", "**", "**") or die ('I cannot connect to the database because: ' . mysql_error()); mysql_select_db ("**"); } $dbname = "***"; $urlname = "parteditlists.php"; function drawtable2($id, $company, $division, $contact, $address1, $city, $state, $zip, $voice, $fax, $email, $dbname, $urlname){ echo " company division contact address city editdelete {$company} {$division} {$contact} {$address1} {$city} state zip voice fax email {$state} {$zip} {$voice} {$fax} {$email} "; } ?> New York One Call - Participating Members Administration Page New York One CallParticipating Members List Add Form. Company Name: Company Division: Contact Name: Address: City: State: Zip: Voice Number: Fax Number: Email: http://www.nycli1calldsi.com/lists/partmemtest.php"; target="_blank">Display the Participating Members page. New York One CallParticipating Members List Edit Form. dbconnect(); $query = "SELECT * FROM {$dbname} ORDER BY company"; $result = mysql_query( $query ) or die ( "MySQL Error - " . mysql_errno() . ": " . mysql_error() ); $numresult = mysql_num_rows($result); for($i=0; $i<$numresult; $i++){ $row = mysql_fetch_array($result); drawtable2($row['id'], $row['company'], $row['division'], $row['contact'], $row['address1'], $row['city'], $row['state'], $row['zip'], $row['voice'], $row['fax'], $row['email'], $dbname, $urlname); } ?> _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
go ahead an try it. the quote is quite clearly in the database, but when i try to put it back in a form field everything is cut off after the quote. and i tried stripslashed, and htmlentities, and htmlspecialchars. i would turn magic quotes on, but im afaid it might mess something else up. there is too much stuff running on this serever to take that risk. Lucas Owens www.lucasowens.com www.technoiraudio.com From: Jason Wong <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [PHP] quotes Date: Thu, 26 Jun 2003 00:58:40 +0800 On Thursday 26 June 2003 00:02, Chris Sherwood wrote: > well thats seems unlikely as I do it all the time.. > > how ever I am not going to argue p's and q's ... > if it doesnt work for him it doesnt work > > - Original Message - > From: "Adam Voigt" <[EMAIL PROTECTED]> > To: "Chris Sherwood" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Wednesday, June 25, 2003 9:04 AM > Subject: Re: [PHP] quotes > > > Umm, in his first email, he specifically said all the quotes > > were already escaped with slashes and it didn't help. > > > > On Wed, 2003-06-25 at 11:50, Chris Sherwood wrote: > > > or you would escape the quote by putting a \ in front of it that way > > > the engine knows to "write" the quote. > > > > > > ie input type=\"text\" HTML doesn't need (indeed, want) slashes in front of quotes. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
On Thursday 26 June 2003 00:52, Lso . wrote: > it doesnt work, i just tried it. the text is still cut off after the quote > > >Just try htmlentities()! A textarea is for multiple lines of text! Show some code please. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
On Thursday 26 June 2003 00:02, Chris Sherwood wrote: > well thats seems unlikely as I do it all the time.. > > how ever I am not going to argue p's and q's ... > if it doesnt work for him it doesnt work > > - Original Message - > From: "Adam Voigt" <[EMAIL PROTECTED]> > To: "Chris Sherwood" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Wednesday, June 25, 2003 9:04 AM > Subject: Re: [PHP] quotes > > > Umm, in his first email, he specifically said all the quotes > > were already escaped with slashes and it didn't help. > > > > On Wed, 2003-06-25 at 11:50, Chris Sherwood wrote: > > > or you would escape the quote by putting a \ in front of it that way > > > the engine knows to "write" the quote. > > > > > > ie input type=\"text\" HTML doesn't need (indeed, want) slashes in front of quotes. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
I had the same problem. I had my ISP turn magic quotes on in the php.ini file on their server. As soon as they did that, everything worked just fine. -Steve Marquez Marquez Design [EMAIL PROTECTED] www.marquez-design.com > it doesnt work, i just tried it. the text is still cut off after the quote > > >> Just try htmlentities()! A textarea is for multiple lines of text! >> > > _ > Tired of spam? Get advanced junk mail protection with MSN 8. > http://join.msn.com/?page=features/junkmail > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
it doesnt work, i just tried it. the text is still cut off after the quote Just try htmlentities()! A textarea is for multiple lines of text! _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Lso . wrote: Thanks everyone. Honestly I tried so many things that Im not sure exactly what combinations I tried. The textfield trick works, and I so sick of looking at this script Im moving on. Ill try something else the next time around. Thanks again for all of the excellent fast help!! Just try htmlentities()! A textarea is for multiple lines of text! -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Thanks everyone. Honestly I tried so many things that Im not sure exactly what combinations I tried. The textfield trick works, and I so sick of looking at this script Im moving on. Ill try something else the next time around. Thanks again for all of the excellent fast help!! Lucas Owens www.lucasowens.com www.technoiraudio.com _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
well thats seems unlikely as I do it all the time.. how ever I am not going to argue p's and q's ... if it doesnt work for him it doesnt work - Original Message - From: "Adam Voigt" <[EMAIL PROTECTED]> To: "Chris Sherwood" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, June 25, 2003 9:04 AM Subject: Re: [PHP] quotes > Umm, in his first email, he specifically said all the quotes > were already escaped with slashes and it didn't help. > > > > On Wed, 2003-06-25 at 11:50, Chris Sherwood wrote: > > or you would escape the quote by putting a \ in front of it that way the > > engine knows to "write" the quote. > > > > ie input type=\"text\" > > > > - Original Message - > > From: "Adam Voigt" <[EMAIL PROTECTED]> > > To: "Lso ." <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Wednesday, June 25, 2003 7:47 AM > > Subject: Re: [PHP] quotes > > > > > > > Cause of the quotes around the value, example: > > > > > > > > > > > > The HTML parser gets confused by the "'s around hank, > > > so since the textarea doesn't use quote's to delimit the > > > value, it works fine. > > > > > > > > > > > > On Wed, 2003-06-25 at 10:37, Lso . wrote: > > > > Does anyone know why this works this way? seems kinda odd that a > > textarea > > > > will display it correctly but a normla field will not. > > > > > > > > >>Try a textarea. Example: > > > > > > > > Lucas > > > > > > > > _ > > > > Tired of spam? Get advanced junk mail protection with MSN 8. > > > > http://join.msn.com/?page=features/junkmail > > > -- > > > Adam Voigt ([EMAIL PROTECTED]) > > > Linux/Unix Network Administrator > > > The Cryptocomm Group > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > -- > Adam Voigt ([EMAIL PROTECTED]) > Linux/Unix Network Administrator > The Cryptocomm Group > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Umm, in his first email, he specifically said all the quotes were already escaped with slashes and it didn't help. On Wed, 2003-06-25 at 11:50, Chris Sherwood wrote: > or you would escape the quote by putting a \ in front of it that way the > engine knows to "write" the quote. > > ie input type=\"text\" > > - Original Message - > From: "Adam Voigt" <[EMAIL PROTECTED]> > To: "Lso ." <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Wednesday, June 25, 2003 7:47 AM > Subject: Re: [PHP] quotes > > > > Cause of the quotes around the value, example: > > > > > > > > The HTML parser gets confused by the "'s around hank, > > so since the textarea doesn't use quote's to delimit the > > value, it works fine. > > > > > > > > On Wed, 2003-06-25 at 10:37, Lso . wrote: > > > Does anyone know why this works this way? seems kinda odd that a > textarea > > > will display it correctly but a normla field will not. > > > > > > >>Try a textarea. Example: > > > > > > Lucas > > > > > > _ > > > Tired of spam? Get advanced junk mail protection with MSN 8. > > > http://join.msn.com/?page=features/junkmail > > -- > > Adam Voigt ([EMAIL PROTECTED]) > > Linux/Unix Network Administrator > > The Cryptocomm Group > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -- Adam Voigt ([EMAIL PROTECTED]) Linux/Unix Network Administrator The Cryptocomm Group -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
or you would escape the quote by putting a \ in front of it that way the engine knows to "write" the quote. ie input type=\"text\" - Original Message - From: "Adam Voigt" <[EMAIL PROTECTED]> To: "Lso ." <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, June 25, 2003 7:47 AM Subject: Re: [PHP] quotes > Cause of the quotes around the value, example: > > > > The HTML parser gets confused by the "'s around hank, > so since the textarea doesn't use quote's to delimit the > value, it works fine. > > > > On Wed, 2003-06-25 at 10:37, Lso . wrote: > > Does anyone know why this works this way? seems kinda odd that a textarea > > will display it correctly but a normla field will not. > > > > >>Try a textarea. Example: > > > > Lucas > > > > _ > > Tired of spam? Get advanced junk mail protection with MSN 8. > > http://join.msn.com/?page=features/junkmail > -- > Adam Voigt ([EMAIL PROTECTED]) > Linux/Unix Network Administrator > The Cryptocomm Group > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] quotes
What you also need is to htmlspecialchars() the vars that you echo as form element values, else your HTML will be broken if one of the vars contains " . This should work for both text fields and textareas or -Original Message- From: Lso . [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 25, 2003 4:21 PM To: [EMAIL PROTECTED] Subject: [PHP] quotes Ok I have been searching to no avail. I have a form that lets you add new sets of information to a database. Once you add information i have a page that displays this information in a series of text fields. I have done this so you can alter the information in the fields hit edit and the information is updated, you are brought back to the same page and there you see your updated information. This all works fine. The problem is if the usere enters a quote. I have used addslashes(), and the information is entered fine, but when I display the information in the form fields its cut off right after the quote. I tried stripslashes() didnt work. If i url encode the input i get the html entity displayed in the form field. Does anyone have any suggestions? Im just trying to make a nice interface for editing this data. Thanks in advance. Lucas Owens www.lucasowens.com www.technoiraudio.com _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Lso . wrote: Ok I have been searching to no avail. I have a form that lets you add new sets of information to a database. Once you add information i have a page that displays this information in a series of text fields. I have done this so you can alter the information in the fields hit edit and the information is updated, you are brought back to the same page and there you see your updated information. This all works fine. The problem is if the usere enters a quote. I have used addslashes(), and the information is entered fine, but when I display the information in the form fields its cut off right after the quote. I tried stripslashes() didnt work. If i url encode the input i get the html entity displayed in the form field. Does anyone have any suggestions? Im just trying to make a nice interface for editing this data. Thanks in advance. htmlentities() the value before displaying it in a field. -- The above message is encrypted with double rot13 encoding. Any unauthorized attempt to decrypt it will be prosecuted to the full extent of the law. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
understood. thanks for the help. Lucas Owens www.lucasowens.com www.technoiraudio.com From: Adam Voigt <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: "Lso ." <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: [PHP] quotes Date: 25 Jun 2003 10:47:56 -0400 Cause of the quotes around the value, example: The HTML parser gets confused by the "'s around hank, so since the textarea doesn't use quote's to delimit the value, it works fine. On Wed, 2003-06-25 at 10:37, Lso . wrote: > Does anyone know why this works this way? seems kinda odd that a textarea > will display it correctly but a normla field will not. > > >>Try a textarea. Example: > > Lucas > > _ > Tired of spam? Get advanced junk mail protection with MSN 8. > http://join.msn.com/?page=features/junkmail -- Adam Voigt ([EMAIL PROTECTED]) Linux/Unix Network Administrator The Cryptocomm Group _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Cause of the quotes around the value, example: The HTML parser gets confused by the "'s around hank, so since the textarea doesn't use quote's to delimit the value, it works fine. On Wed, 2003-06-25 at 10:37, Lso . wrote: > Does anyone know why this works this way? seems kinda odd that a textarea > will display it correctly but a normla field will not. > > >>Try a textarea. Example: > > Lucas > > _ > Tired of spam? Get advanced junk mail protection with MSN 8. > http://join.msn.com/?page=features/junkmail -- Adam Voigt ([EMAIL PROTECTED]) Linux/Unix Network Administrator The Cryptocomm Group -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Does anyone know why this works this way? seems kinda odd that a textarea will display it correctly but a normla field will not. Try a textarea. Example: Lucas _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] quotes
Yes!! You are the man! It works! Thank you all for the fast response. Lucas Owens www.lucasowens.com www.technoiraudio.com Try a textarea. Example: _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php