PHP - Single Quote And Double Quotes Difference ?

for print html : What's Better, Faster and Optimized ?!?

Code: [Select]
echo "<tr height=\"22\">
    <form action = \"{$URL}/admin/edit.php\" method=\"POST\">
      <input type=\"hidden\" name=\"login\">
      <td width=\"15%\" bgcolor=\"$bgcolor\">&nbsp;<input type = \"text\" name = \"login\" value=" . $f['login'] . "></td>
      <td width=\"15%\" bgcolor=\"$bgcolor\">&nbsp; <input type = \"password\" name = \"password\" value=" . $f['pass'] . "> </td>
    </form>
        </tr>";

With PHP Method 2 : ( single )

Code: [Select]
echo ' <tr><form action = "' . URL . '/admin/editadmins.php" method="POST"> ';
 echo ' <td align="left" valign="top"><input type = "text" name = "login" value = "' . $f['login'] . '"></td>';
 echo ' <td align="left" valign="top"><input type = "password" name = "password" value = "' . $f['pass'] . '"></td></form></tr>';

Method 3 : (With Html And Php echo )

Code: [Select]
<tr height="22">
<form action = "../admin/editadmins.php" method="POST">
<td align="left" valign="top"><input type = "text" name = "login" value = "<?PHP echo $f['login']; ?>"></td>
<td align="left" valign="top"><input type = "text" name = "password" value = "<?PHP echo $f['pass']; ?>"></td>
</form>
<tr>
Thanks.

I have a navigation list displaying which is a mix of html and php, everything is working fine however now I want to convert this block of code into a function but am having major problems with quotes.

The line of code I currently have is 

$data = $db->query("SELECT * FROM menu")->fetchAll(PDO::FETCH_ASSOC);

foreach ($data as $row) { ?>
     <li><a href="<?php echo $row['url']; ?>" title="<?php echo $row['title']; ?>"><?php echo $row['icon'] . ' ' . $row['header']; ?></a></li>

<?php
	}
?>

As I say everything works using the above but now I am trying to echo the full li out and am having major issues with single and double quotes.

I currently have 

echo "<li><a href='#' title='the title'><i class='fas fa-user site-nav--icon'></i> Help</a></li>";

Now I am trying to use the $row['url'], $row['title'], $row['icon'] & $row['header'] as per the top example but I cannot get the combination of quote marks correct, whether to use double, single or a combination.

I would be grateful if someone could suggest the correct syntax for the a tag then I can work through the rest.

Thanks

A problem has arisen which puzzles me. I have forms which save data to MySql and retrieve it, showing it as the default data in the form. Naturally I escape any quotes before sending it to the database and remove the slashes when I retrieve it. But the form HTML code shows the data like this value="$variable" which is fine when only single quotes are used in the data but causes a problem when the user uses double quotes. So data of John \"Jack\" Smith would be output as value="John "Jack" Smith" with obvious problems. If I use value='...' then that would cause problems with single quotes.

I haven't seen the answer in any of my books. The only things I can think of is changing all double quotes to single before saving to DB or converting them with htmlspecialcharacters so they are no longer actual quotes.

Hi,

I'm trying to delete a string that's single quoted. From: Cyto's to Cyto, but doesn't work. It works when I add 's to the string with stripslashes, but I can't seem to delete a quote from a string.
Does someone know how?

My $_post code:
Code: [Select]
$name=mysql_real_escape_string(stripslashes($_POST["ename"]));
Cheers

 

same(this.getParams['vb'], ab.fill(), 'vb test');

    Expected: false
Result: "false"
Diff:     
false "false"   Please tell me how to fix this problem.

I am wondering since in php when you write string in " " quotes php will look if there is any variable and if it is it will read that variable and replace variable name with that value inside the string. However when i use ' ' quotes php will not look for any variables inside that string. So my question is when you write a really big application is it good to always use ' '  quotes when you can instead of " " ones. Does that have an impact on performance. Thanks

I'm designing a website that takes user input from in a <textarea></textarea> and enters the input into a database. Everything works besides if the user has double quotes (") in his/her message. (the name of the table that I want to add to is alluserposts)

What i have so far is the following:
from index.php:
<form action="insert2.php" method="post"><textarea name="user_post" rows="6" cols="35"></textarea></form>

from insert2.php:
mysql_query("INSERT INTO alluserposts (post_value) VALUES(" . "\"" . $_POST['user_post'] . "\")" ,$db) or die(mysql_error($db));

I want the user to be able to input any character. How can i do that?

I am making a simple script for my friend that uses mod_rewrite, but for testing I don't use the mod_rewrite link.

The page is video.php
The extension is ?title=

I have having a problem when I type the title with a Single Quote in it(').
Example.
video.php?title=The-Sorcerer's-Apprentice
I have str_replace for the dash(-) to be replaced as a space, so that's not the problem. Here's my code.


<?php
if($_GET) {
$title="{$_GET['title']}";
$title = str_replace('_', ' ', $title);
$title = str_replace('-', ' ', $title);
if ($list = mysql_query("SELECT * FROM videos WHERE title='". mysql_real_escape_string($title) ."'") or die (mysql_error())); {
if(mysql_num_rows($list) > 0){
if (mysql_num_rows($list)) {
while($videos=mysql_fetch_array($list)) {
?>
<div id="content">
<center><h3><?php echo $videos['title']; ?></h3>
<object width="640" height="385"><param name="movie" value="<?php echo $videos['youtubelink']; ?>"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="<?php echo $videos['youtubelink']; ?>" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed></object>
<br/><br/><a onclick="javascript:history.go(-1)" href="#">Go Back</a>
</center>
</div>
<?php 
}
}
}
?>

I am trying to do the seemingly simple thing - replace all single quotes in text

str_replace ("'", "&acute;", $text);

It does not replace anything.

I trying escaping single quote, using other similar functions - nope. Also tried to google

What I an doing wrong? Any help would ne much appreciated.

This will have been posted before, but I can't find a solution that works.  Most people say to try mysql_real_escape_string, I have tried lots of variations and it doesn't seem to work.

Could anyone help with the below code?  It is part of a form that returns a syntax error when adding a single quotation mark e.g. entering "Bryan's" into the form causes the error.

I'd be really grateful for any assistance.

Steven

P.S. Before anyone mentions it, the mysql connect does work - I just haven't included the full page of code.

Code: [Select]

mysql_connect($dbserver, $dbusername, $dbpassword);
mysql_select_db($dbname);

$sitetitle = htmlentities($_POST[sitetitle]);

$query = mysql_query("UPDATE site_settings SET sitetitle = '$sitetitle'");

echo("<b>Settings Updated!</b>");

I have a form that people can fill out, and then it echos the string, however right now they can't use single quotes. Below is how I have it settup.
Code: [Select]
$side = '<p>About Me:</p>
<ul>
    <li>Birth Date: October, 23rd, 2010</li>
    <li>Hometown: Rapid City, SD</li>
    <li>Height: 4\'</li>
    <li>Weight: 50lbs</li>
    <li>Foot Size: 4</li>
    <li>Favorite Movie: All of the Shrek Movies!</li>
    <li>Favorite Book: Winnie the Pooh Series</li>
    <li>Favorite Cartoon Character: Eeyore or Donkey from Shrek!</li>
    <li>Favorite TV Show: Anything on Animal Planet!</li>
    <li>Favorite Food: Hay</li>
    <li>Favorite Pro Sports Team: Rapid City Rush</li>
    <li>Favorite Mascot:  Nugget, of course!</li>
    <li>Favorite Game: Donkey Kong!<br />
    &nbsp;</li>
</ul>';
      if ($side != NULL){
         echo "<div class=\"grid_6\" id=\"tertiary\">
         $side
      </div>";
      }else{
 
  }
And I would be able to use $side = "whatever I want to write"; because then they would still need to escape the double quotes with \" if they wanted to put in a link or anything. How do I do this with allowing them to just use single quotes when they enter their data so they don't have to \' (escape the single quote)?

Thanks

Hi,

I am able to parse php variable in double quote but not in single quote.

How can I parse in single quote.

Following example shows 2 results and I want same result in both.

First Name :    Zohaib
First Name :    $firstname

Code: [Select]
// Connecting, selecting database
$link = mysql_connect('localhost', 'root', 'password');
mysql_select_db('dbname');

// Performing SQL query
$query = 'SELECT first_name FROM tablename';
$result = mysql_query($query);

// Printing results in HTML
while ($row = mysql_fetch_assoc($result)) {
$firstname=$row['first_name'];
}

echo"<table>
<tr>
<td>First Name : </td>
<td>$firstname</td>
</tr></table>";

echo'<table>
<tr>
<td>First Name : </td>
<td>$firstname</td>
</tr></table>';
What are the changes I need to do to achieve same result.

Any solution ?

- Thanks.

I have created a simple form that collects a comment or question from a visitor to my website.

The problem is that if the visitor types:
Your site looks Ok.
I will get that message.

But if the type: Your site needs "Work".
I will get: Your site needs

The script will not send the double quotes or anything after the double quotes

What am I missing???

I have tried:
addslashes()
str_replace()
preg_replace()

with on change to the message.



This is the script

Code: [Select]
<?php

$recipient = $_POST['recipient'];
$subject = $_POST['subject'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$senders_email_address = $_POST['senders_email_address'];
$comments = $_POST['comments'];

$mailheaders .= "To: Thin Dime Web. <$recipient>\n";
$mailheaders .= "From: $first_name $last_name <$senders_email_address>\n";



       $body .= "Subject: $subject\n\n";
       $body .= "Senders Name: $first_name $last_name\n";
       $body .= "E-mail Address: $senders_email_address\n\n";

       $body .= "The following Comments or Question came from a visitor to your website\n";
       $body .= "\n";
       $body .= "$comments\n";


       mail("$recipient", "$subject", "$body", "$mailheaders");

?>

Let me preface this by saying that I've been using php for a while, but never got extremely advanced, so feel free to slap me about for something stupid...

I'm working through a jQuery & PHP book, and I've noticed that he's wrapping all his column and table names in the apostrophe ` when making MySQL queries .   In the past I've never done this.  What does the ` do?  I understand about single quotes and double quotes, but haven't come across the ` being used.  What's the deal?

Hi
I have a simple form and when the user submits, php is putting a \ before every single quote entered in the field. So for example, if a user enters O'Neill, once i do
$lastName = $_POST["lastname"];

$lastName comes back as: O\'Neill

is there some way I can turn this off?