Results 1 to 7 of 7
  1. #1
    Join Date
    Aug 2005
    Location
    EIB Network
    Posts
    474

    * Echo'ing a quoted string inside a value attribute xhtml

    Hey guys,

    I have a 'profile' table where users can optionally fill out inputs like 'occupation', 'favorite food', etc.

    The form for updating your profile pulls any existing profile fields from the user's profile records and adds the respective values to the text inputs of the form... for instance:

    PHP Code:
    <!-- QUOTE --> 
    <p><strong>Favorite Quote:</strong> <input type="text" name="quote" size="40" maxlength="250" value=" 
    <?php if (isset($row['quote'])) echo $row['quote']; ?>" /></p>
    $row['quote'] is the current quote that was orginally inputted by the user. The problem with the code above is that with quotes, the user will type in the text box a quote with actual "quotation" marks around it... like so...

    "To the winner goes the spoils"

    When the input is placed in the DB, I run it through 'escape_data()' function (my own) which runs it through mysql_real_escape_string(). But because it has quotes around it, it is cancelling out the 'value=' attribute early in the XHTML input code. How can I get around this and how do I display data that was inputted with quotes in it in such 'input HTML' code as above?? Thanks for your help. Take care.

  2. #2
    Join Date
    Sep 2005
    Location
    Southern California
    Posts
    179
    Could you run a replace on the string and replace " with &quot; ? this should cause it to display correctly inside the text box.

  3. #3
    Join Date
    Oct 2004
    Location
    Shimonoseki
    Posts
    2,101
    If you have magic_quotes on, you have to use stripslashes() before you use mysql_real_escape_string(), or else your data will be double-escaped..
    Closed for winter...

  4. #4
    Here is the right code to use :
    PHP Code:
    <p><strong>Favorite Quote:</strong> <input type="text" name="quote" size="40" maxlength="250" value=" 
    <?php if (isset($row['quote'])) echo htmlentities($row['quote']); ?>" /></p>
    You can optimize the syntax in more elegant way :
    PHP Code:
    <p><strong>Favorite Quote:</strong> <input type="text" name="quote" size="40" maxlength="250" value=" 
    <?php echo (isset($row['quote']) ? htmlentities($row['quote']) : NULL); ?>" /></p>
    And if short_open_tag is On :
    PHP Code:
    <p><strong>Favorite Quote:</strong> <input type="text" name="quote" size="40" maxlength="250" value=" 
    <?= isset($row['quote']) ? htmlentities($row['quote']) : NULL ?>" /></p>
    Always use the htmlentities function if you want to output data in HTML code.

  5. #5
    Join Date
    Nov 2005
    Posts
    72
    noob, sure... but the way i see it is if you are using a conditional such as IF you need to have curly brakets ("{", "}") to show what you want php to do if that IF statement is true.

    is:
    PHP Code:
    <p><strong>Favorite Quote:</strong> <input type="text" name="quote" size="40" maxlength="250" value="  
    <?php if (isset($row['quote'])) echo $row['quote']; ?>" /></p>
    should be:
    PHP Code:
    <p><strong>Favorite Quote:</strong> <input type="text" name="quote" size="40" maxlength="250" value="  
    <?php if (isset($row['quote'])){ echo $row['quote'];} ?>" /></p>

    like i said though... noob.

    don't take my word for it.

  6. #6
    Quote Originally Posted by woody8624
    noob, sure... but the way i see it is if you are using a conditional such as IF you need to have curly brakets ("{", "}") to show what you want php to do if that IF statement is true.
    You do not need curly brackets when the conditionnal statement has only 1 instruction.

  7. #7
    Join Date
    Nov 2005
    Posts
    72
    Quote Originally Posted by Ellixis
    You do not need curly braces when the conditionnal statement has only 1 instruction.
    wow! really?

    ill keep that in mind. that's cool.

    ill prolly conitinue to do it out of habit anywho. ... oh well.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •