|
PHP - Troubled With Quotes
Alright, I've troubleshooted for about an hour on this and still can't figure it out, I've got the following line of code:
Code: [Select] $newstring = '$search = mysql_query("SELECT * FROM cmscbesalke.game where gameTitle = '".$gametitle."'");'; that is giving the following error: Parse error: syntax error, unexpected '"' in /home/content/06/8675706/html/edit.game.php on line 136 I've tried to do the following as well: Escaping the ", adding in extra . operators, and removing quotes. The complicated part here is that I need the fwrite to write the $gametitle variable, with single quotes around it that way the mysql_query will return the correct database entry, but everytime I get the line of code to work it does not put the quotes. Similar TutorialsThis code only works in firefox <a onMouseout='hidetooltip()' onMouseover='tooltip(\"<img src=img/heroes/$hero.gif\")' href='hero.php?hero=$hero'>Text</a> Btw, I use this in echo (php). How to get quotes (triple) on <img src= ? I also have tried <img src='img/heroes/$hero.gif' But only works on FireFox Hi, I could really do with some help putting the prices from two drop down boxes into sessions To start with the user can choose two seats one from each drop down box //DROP DOWN BOX ONE $extract =mysql_query("SELECT * FROM ride WHERE rideID ='1'"); $numrows = mysql_num_rows($extract); //start of form echo '<form method="post" name="f1" action="card.php">'; echo 'Please choose a seat: '; echo"<select name='seat' >"; while( $row = mysql_fetch_assoc($extract)) { $rideID = $row ['rideID']; $name = $row ['name']; $seatNumber = $row ['seatNumber']; $time = $row ['time']; $price = $row ['price']; echo "<option name='seat'> $seatNumber </option>"; $_SESSION['extract']=$_POST['seat']; } echo '</select><br>'; //DROP DOWN BOX TWO $extract2 =mysql_query("SELECT * FROM ride WHERE rideID ='1'"); $numrows = mysql_num_rows($extract2); //start of form echo '<form method="post" name="f2" action="card.php">'; echo 'Please choose a seat: '; echo"<select name='seat2' >"; while( $row = mysql_fetch_assoc($extract2)) { $rideID = $row ['rideID']; $rideName = $row ['rideName']; $seatNumber = $row ['seatNumber']; $time = $row ['time']; $price = $row ['price']; echo "<option name='seat2'> $seatNumber </option>"; $_SESSION['extract2']=$_POST['seat2']; } echo '</select><br>'; at the moment I have this : $query =mysql_query("SELECT price FROM ride WHERE rideID ='1' LIMIT 1"); while ($row=mysql_fetch_array($query)) { echo $row['price']; echo "<br>"; $seatPrice1=($row['price']); $seatPrice2=($row['price']*2); $vat1=17.5; function vat($vat, $row['price']) { return sprintf("%01.2f", ($vat*$row['price]/ 100)); } $vatprice = vat(17.5, 2.50); $total1=($vatprice); $total2=($vatprice*2); $endPrice1= ($total1+$seatPrice1); $endPrice2= ($total2+$seatPrice2); What I need is $endPrice1 and $endPrice2 in $_SESSIONS so i an INSERT them in to the database 3 pages away from this query/VAT fucntion. Can anyone help? Quotation marks are confusing me.
What do you guys use when it comes to quotation marks?
In HTML attributes and throughout the bodies of my web pages, I use the HTML entity ("). For example:
<a href="" title="Read "Article Name""> <p>In his new book, he says: "This is a quote."</p>I thought that this is the best practice. However, today, I read that it's perfectly safe to use straight quotes (") in the body, and that I should use the HTML entity only in HTML attributes. Is that correct? But what if I want to use curly quotes in the body instead of straight quotes? Should I always use the HTML entities for curly quotes (“ and ”), or can I also safely use the characters (“”)? I heard that straight quotes are safe in all browsers, even if you don't specify the character set of your web pages, but that curly quotes are only safe if you specify the character set or if you use the HTML entities. Is that true? And what about the <q> tag? Apparently, it's compatible with all browsers but they treat it differently. Edited by Fluoresce, 30 August 2014 - 07:37 AM. The fancy-looking quotes won't insert into my DB, so I'm trying to convert them to %93 & %94 or normal quotes.
Nothing I've tried works.
Code:
$fancy=" “test” "; $fixed=htmlentities($old, ENT_QUOTES); echo "fancy: $fancy<br>"; echo "fixed: $fixed"; Results: fancy: “test” fixed: I want $fixed to be %93test%94, or even "test" would work. Edited by rwmaho, 18 October 2014 - 01:28 PM. Hello everyone! This is my first post. I am very new to php and mysql and coding in general. It has not been made 100% clear to me as to when I should use single quotes, double quotes, and {}. From what I gather you use single quotes for literal interpretation... so if you put something like a variable in single quotes and echoed it, it would literally echo it as it is written and not the value of the variable. in double quotes, I gather that it will echo the value of the variable. as for {} I am unclear as to when to use the curly brackets for a variable. I am assuming if you had a statement in single quotes and you put a variable in curly brackets you would get the value of the variable?
Edited by LazerOrca, 25 November 2014 - 11:20 PM. I don't think I've asked this before have I?? can someone give me an internet KB that gives me all scenarios that warrant using singles or doubles? as in, wrapping values, variables, and why I need to do either, and when, etc, etc....? thanks Edited March 29 by ajetrumpetA problem has arisen which puzzles me. I have forms which save data to MySql and retrieve it, showing it as the default data in the form. Naturally I escape any quotes before sending it to the database and remove the slashes when I retrieve it. But the form HTML code shows the data like this value="$variable" which is fine when only single quotes are used in the data but causes a problem when the user uses double quotes. So data of John \"Jack\" Smith would be output as value="John "Jack" Smith" with obvious problems. If I use value='...' then that would cause problems with single quotes. I haven't seen the answer in any of my books. The only things I can think of is changing all double quotes to single before saving to DB or converting them with htmlspecialcharacters so they are no longer actual quotes. Hello, Using the following code, I'm extracting the $current_solution from my database. However, if the variable has quotes in it, I get gobbledegook. Code: [Select] <input type ="radio" name="solution" <?php echo 'value="' . $current_solution . '"' ?> id="solution" <?php if ($row['solution'] == $current_solution) {echo 'checked = "yes"';} ?>/><?php echo$current_solution; ?></label> As an example, if the $current_solution variable is: A right-side up letter u then I get: " id="solution" checked = "yes"/> A right-side up letter "u". I know that it's a quote issue but am not sure how to fix it. I tried adding slashes but I fear that it didn't work. Any thoughts on this would be appreciated! Thanks so much, Eric i have some code which checks to see if a username and an email is in use. from what i can understand, it uses magic quotes to prevent sql injection. i've heard that magic quotes are not going to be in use in php6, so how can i change it so that it uses real escape string instead? if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; $check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); if ($check2 != 0) { die('Sorry, the username '.$_POST['username'].' is already in use.'); } if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $emailcheck = $_POST['email']; $check = mysql_query("SELECT email FROM users WHERE email = '$emailcheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); if ($check2 != 0) { die('Sorry, the email '.$_POST['email'].' is already registered to another account.'); } Thanks I'm trying to figure out why it won't display the quote(s) for the selected person. I echoed the query and it's getting the correct id its just not displaying correctly. Any ideas? function getQuotes($id) { $id=mysql_real_escape_string($id); $sql = "SELECT * FROM `efed_bio_quotes` WHERE bio_id = '$id'"; $re = mysql_query($sql); $i = 0; $quotes = array(); $row = mysql_fetch_assoc($re); extract($row); ?> <ul id="quotes"> <?php if(count($quotes) > 0){ for($i = 0; $i < count($quotes); $i++){ echo "<li>".$quotes[$i]."</li>"; } } else{ echo '<li>This wrestler has no quotes.</li>'; } ?> </ul> <?php } My old server had magic_quotes_gpc turned on. My new one does not. Will mysql_real_escape_string solve all the issues that magic_quotes was used for? My site runs a blogging application and it seems some of the templates which contain a lot of html and css do not insert into the database properly even when using mysql_real_escape_string. Thanks, Brian Hi, newbie here. Could someone show me how to properly escape the quotes in this code so it works properly? I'm having major problems with it, thanks. echo "<td style="background-color:#fff" onMouseover="this.style.backgroundColor='#ff9900';" onMouseout="this.style.backgroundColor='#fff';">" If I put into the database this string: Call the wife's son tomorrow How do I put it in to keep that apostrohe (wife's) and then when I retrieve it, also keep it without it displaying as wife/'s If I use stripslashes I think that just gets rid of the slash, but I want to KEEP the slash (but still protecting the database so it is not seen as a quote by the php code). I hope this is clear :-) So, I think you have all heard the news. THEY ARE GONE! Unfortunately, I do have some old code that I do not feel like going line by line and updating. I was wounding if you guys could help me out. I was hoping that there would be a way to set a define of some sort then when I grab something out of an SQL table it will automatically takeout the "\" (Slashes) and when I insert something into the database it will add the slashes... YES I know and have read the statement written by the php group [http://www.php.net/manual/en/securit...uotes.why.php] But i do not particularly want to go through my code and change everything by hand. If you have any idea, or would like me to explain it another way, please post. Any help will be greatly appreciated. --redcrusher Hi... I'm trying to get this code to work: echo "<a href='". $row['img_path']."'><img border=0 src='". $row['thumb_bw_path']."' onmouseover='this.src='". $row['thumb_path']."'' onmouseout='this.src='". $row['thumb_bw_path']."'' />". "</a></td> \n"; To get the hover effect that i want there is alot of quotes. The hover effect does not work and i guess it is because of the wrong use of quotes. The correct way is: Code: [Select] onmouseover="this.src='source_to_image'" But the use of double quotes " is not possible... Is there a simple solution to this? same(this.getParams['vb'], ab.fill(), 'vb test');Expected: false Result: "false" Diff: false "false" Please tell me how to fix this problem. I've got a file with some strings that have both types of quotes in them. And I seem to have managed to get the data, display it in my html, store it in a js array (using a json_encode in php and then simply inserting it into my js) but I cannot seem to pass the string as a parameter form an onclick function call to js.
For most strings the addslashes makes it work in the function call. But for those with both sets of quotes it won't work. My console tells me there are "unterminated string constants..". I've experimented with many silly changes but none make it work.
Ex. of the strings:
What do you mean "It's crooked"?
Of course I could remove the contraction and that would probably work, but that would be a hack, would not it?
Hi im struggling to find out how to get an if statement working with my random quote creator, here is the coding: Code: [Select] <?php include 'connect.php'; session_start(); $username = $_SESSION['loginusername']; $result = mysql_query("SELECT * FROM boxerinfo WHERE fighterrequest = '$username'"); while($row = mysql_fetch_array($result)) { $quotes[] = 'Go ahead, bite the big apple, don\'t mind the maggots, uh huh.'; $quotes[] = 'Happiness is a warm gun. (bang-bang, shoot-shoot.)'; $quotes[] = 'You may be a lover but you ain\'t no dancer.'; $quotes[] = 'Yeah you got lucky, babe. When I found you.'; $quotes[] = 'Out here in the fields, I fight for my meals.'; $quotes[] = 'You go back, jack, do it again. Wheel turnin\' round and round.'; $quotes[] = 'Don\'t let the sound of your own wheels drive you crazy.'; $quotes[] = 'Lord I\'m learning so much more, than back when I knew it all.'; $quotes[] = 'You get too much you get too high. Not enough and you\'re gonna die.'; $quotes[] = 'You were wrong when you said, \'everything was gonna be alright.\''; $quotes[] = 'I know just what you need. I might just have the thing.'; $quotes[] = 'I am hot, and when I\'m not, I\'m cold as ice.'; $random_number = rand(0,count($quotes)-1); echo $quotes[$random_number]; } ?> I just want if $quotes = (a certain quote) then insert into mysql table, anyone know how to do this on an array? thanks I am wondering since in php when you write string in " " quotes php will look if there is any variable and if it is it will read that variable and replace variable name with that value inside the string. However when i use ' ' quotes php will not look for any variables inside that string. So my question is when you write a really big application is it good to always use ' ' quotes when you can instead of " " ones. Does that have an impact on performance. Thanks |
|||||||