PHP - Single And Double Quotes For Echo Lists Of A Tags Retrieving Data From Dbase
I have a navigation list displaying which is a mix of html and php, everything is working fine however now I want to convert this block of code into a function but am having major problems with quotes. The line of code I currently have is $data = $db->query("SELECT * FROM menu")->fetchAll(PDO::FETCH_ASSOC); foreach ($data as $row) { ?> <li><a href="<?php echo $row['url']; ?>" title="<?php echo $row['title']; ?>"><?php echo $row['icon'] . ' ' . $row['header']; ?></a></li> <?php } ?> As I say everything works using the above but now I am trying to echo the full li out and am having major issues with single and double quotes. I currently have echo "<li><a href='#' title='the title'><i class='fas fa-user site-nav--icon'></i> Help</a></li>"; Now I am trying to use the $row['url'], $row['title'], $row['icon'] & $row['header'] as per the top example but I cannot get the combination of quote marks correct, whether to use double, single or a combination. I would be grateful if someone could suggest the correct syntax for the a tag then I can work through the rest. Thanks Similar TutorialsThis code only works in firefox <a onMouseout='hidetooltip()' onMouseover='tooltip(\"<img src=img/heroes/$hero.gif\")' href='hero.php?hero=$hero'>Text</a> Btw, I use this in echo (php). How to get quotes (triple) on <img src= ? I also have tried <img src='img/heroes/$hero.gif' But only works on FireFox Hello everyone! This is my first post. I am very new to php and mysql and coding in general. It has not been made 100% clear to me as to when I should use single quotes, double quotes, and {}. From what I gather you use single quotes for literal interpretation... so if you put something like a variable in single quotes and echoed it, it would literally echo it as it is written and not the value of the variable. in double quotes, I gather that it will echo the value of the variable. as for {} I am unclear as to when to use the curly brackets for a variable. I am assuming if you had a statement in single quotes and you put a variable in curly brackets you would get the value of the variable?
Edited by LazerOrca, 25 November 2014 - 11:20 PM. I don't think I've asked this before have I?? can someone give me an internet KB that gives me all scenarios that warrant using singles or doubles? as in, wrapping values, variables, and why I need to do either, and when, etc, etc....? thanks Edited March 29 by ajetrumpetfor print html : What's Better, Faster and Optimized ?!? Code: [Select] echo "<tr height=\"22\"> <form action = \"{$URL}/admin/edit.php\" method=\"POST\"> <input type=\"hidden\" name=\"login\"> <td width=\"15%\" bgcolor=\"$bgcolor\"> <input type = \"text\" name = \"login\" value=" . $f['login'] . "></td> <td width=\"15%\" bgcolor=\"$bgcolor\"> <input type = \"password\" name = \"password\" value=" . $f['pass'] . "> </td> </form> </tr>"; With PHP Method 2 : ( single ) Code: [Select] echo ' <tr><form action = "' . URL . '/admin/editadmins.php" method="POST"> '; echo ' <td align="left" valign="top"><input type = "text" name = "login" value = "' . $f['login'] . '"></td>'; echo ' <td align="left" valign="top"><input type = "password" name = "password" value = "' . $f['pass'] . '"></td></form></tr>'; Method 3 : (With Html And Php echo ) Code: [Select] <tr height="22"> <form action = "../admin/editadmins.php" method="POST"> <td align="left" valign="top"><input type = "text" name = "login" value = "<?PHP echo $f['login']; ?>"></td> <td align="left" valign="top"><input type = "text" name = "password" value = "<?PHP echo $f['pass']; ?>"></td> </form> <tr> Thanks. Is there a difference between a single quote regex and and double quote regex ?
for example :
<?php $res1 = preg_match('/shi*t/', $comment); $res2 = preg_match("/shi*t/", $comment); ?>Thank you Edited by Dareros, 17 September 2014 - 07:07 PM. When I add a ' or " quotes in a textarea I get a sql error when it tries to insert the record.
I was told to use mysqli_real_escape_string but that didn't work.
Here's my code -
$blog= mysqli_real_escape_string($con, $_POST['blog']); $blog= $_POST['message']; $sql = "SELECT * FROM table WHERE `message` = '{$message}'"; $result = mysql_query($sql); if ( mysql_num_rows ( $result ) > 0 ) { $error = "Message Exists."; } else { $error = "This message does not exist. Insert it!!!"; $sql="INSERT INTO table (message) VALUES ('$_POST[message])"; } if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } mysqli_close($con) Edited by barkly, 26 October 2014 - 09:31 PM. The subject could be a bit vague, but my problem is simple. (I think so) So I made a php test site that is quite similar to a forum. Where you see a title or a subject and when you click on it you will see more details about that subject. I made my database and script for inserting data into my mySQL database. I also did my output aswell, so every topic is posted on a webpage "archive" where you can see all the subjects. But now I want to see the full details of that type of subject by clicking on it. I have no idea how to make that happen googled it but didn't find any results...just wondering if it's even possible to do that. I'm a new guy here! Quotation marks are confusing me.
What do you guys use when it comes to quotation marks?
In HTML attributes and throughout the bodies of my web pages, I use the HTML entity ("). For example:
<a href="" title="Read "Article Name""> <p>In his new book, he says: "This is a quote."</p>I thought that this is the best practice. However, today, I read that it's perfectly safe to use straight quotes (") in the body, and that I should use the HTML entity only in HTML attributes. Is that correct? But what if I want to use curly quotes in the body instead of straight quotes? Should I always use the HTML entities for curly quotes (“ and ”), or can I also safely use the characters (“”)? I heard that straight quotes are safe in all browsers, even if you don't specify the character set of your web pages, but that curly quotes are only safe if you specify the character set or if you use the HTML entities. Is that true? And what about the <q> tag? Apparently, it's compatible with all browsers but they treat it differently. Edited by Fluoresce, 30 August 2014 - 07:37 AM. A problem has arisen which puzzles me. I have forms which save data to MySql and retrieve it, showing it as the default data in the form. Naturally I escape any quotes before sending it to the database and remove the slashes when I retrieve it. But the form HTML code shows the data like this value="$variable" which is fine when only single quotes are used in the data but causes a problem when the user uses double quotes. So data of John \"Jack\" Smith would be output as value="John "Jack" Smith" with obvious problems. If I use value='...' then that would cause problems with single quotes. I haven't seen the answer in any of my books. The only things I can think of is changing all double quotes to single before saving to DB or converting them with htmlspecialcharacters so they are no longer actual quotes. same(this.getParams['vb'], ab.fill(), 'vb test');Expected: false Result: "false" Diff: false "false" Please tell me how to fix this problem. I'm designing a website that takes user input from in a <textarea></textarea> and enters the input into a database. Everything works besides if the user has double quotes (") in his/her message. (the name of the table that I want to add to is alluserposts) What i have so far is the following: from index.php: <form action="insert2.php" method="post"><textarea name="user_post" rows="6" cols="35"></textarea></form> from insert2.php: mysql_query("INSERT INTO alluserposts (post_value) VALUES(" . "\"" . $_POST['user_post'] . "\")" ,$db) or die(mysql_error($db)); I want the user to be able to input any character. How can i do that? I am wondering since in php when you write string in " " quotes php will look if there is any variable and if it is it will read that variable and replace variable name with that value inside the string. However when i use ' ' quotes php will not look for any variables inside that string. So my question is when you write a really big application is it good to always use ' ' quotes when you can instead of " " ones. Does that have an impact on performance. Thanks I have created a simple form that collects a comment or question from a visitor to my website. The problem is that if the visitor types: Your site looks Ok. I will get that message. But if the type: Your site needs "Work". I will get: Your site needs The script will not send the double quotes or anything after the double quotes What am I missing??? I have tried: addslashes() str_replace() preg_replace() with on change to the message. This is the script Code: [Select] <?php $recipient = $_POST['recipient']; $subject = $_POST['subject']; $first_name = $_POST['first_name']; $last_name = $_POST['last_name']; $senders_email_address = $_POST['senders_email_address']; $comments = $_POST['comments']; $mailheaders .= "To: Thin Dime Web. <$recipient>\n"; $mailheaders .= "From: $first_name $last_name <$senders_email_address>\n"; $body .= "Subject: $subject\n\n"; $body .= "Senders Name: $first_name $last_name\n"; $body .= "E-mail Address: $senders_email_address\n\n"; $body .= "The following Comments or Question came from a visitor to your website\n"; $body .= "\n"; $body .= "$comments\n"; mail("$recipient", "$subject", "$body", "$mailheaders"); ?> Hi all I have a field in mySQL table called dimensions. It has the double quote in in for inches - " When I echo the result from the mySQL query on the item page (Customer facing) it's fine. However, I have built a form so that the administrator can edit the dimensions in the admin panel and when I echo it out in to the form field it stops when it gets to the double quotes? Pete Greetings, I'm trying to execute a shell command with a user-supplied password as input. The password may contain apostrophes and and virtually any other character. Unfortunately, when using escapeshellarg(), the password argument is interpreted as two separate arguments, as escapeshellarg() will handle apostrophes (single quotes) by breaking out of the already quoted text and using a backslash escape. $password = escapeshellarg("ex'ample!%"); // The password will actually be supplied by an HTML form. $command = ('echo '.$password); echo "$command"; // Returns 'ex'\''ample!%' Does anyone have any input on how to accomplish what I'm trying to do? I'd like to allow obscure passwords without disallowing specific characters, while still being "safe" in passing the information to a shell command. Double quotes would work for passing single quotes, but I'm afraid I might break other characters there. Thanks. I have a simple form that connects to this php page. Only two variables, "ArticleDescription" & "URL". I've tried a number of things, several of which are listed below, but have had no success. I'm certain it's just my idiocy but am requesting some help with this. I KNOW it's an easy fix, it's just over my head, I'm only four days into programming, so I'm a complete newb. Your kindness is requested. ---- <?php // connection mysql_select_db("doofyd5_comments", $con); $ArticleDescription=mb_convert_encoding($ArticleDescription, 'UTF-8', 'UTF-8'); $URL=htmlspecialchars($URL, ENT_QUOTES); $ArticleDescription=str_replace('\"','"',$ArticleDescription); $sql="INSERT INTO web_articles (ArticleDescription, URL) VALUES ('$_POST[ArticleDescription]','$_POST[URL]')"; if (mysql_query($sql,$con)) { header ("location:desiredurl"); require_once('desiredurl"); exit(); } else { echo "You may have added a single quote to the article description!"; } mysql_close($con) ?> ---- I have a paragraph in a text in my data table column with apostrophes and heights, like, "He'll likely grow beyond 6'6"."
I've tried addslashes($update), but it's not working. (At another time I thought I had something like that.) Is there something that will take care of it short of typing \ before every instance I use quotes, the using stripslash? how do i handle single quotes in sql query Code: [Select] " SELECT name from phrase WHERE name='$stitle' ";this returns an error because the name contains single quotes like this: Johnson's. I'm using the codeigniter mvc framework and there's an escape function to use before adding the data to the database. This function adds single quotes around the string of data. Is there any already existing php function or does anyone know how to code a function that strips ONLY the surrounding single quotes? |