Reputation: 12335
how to properly use quotes in javascript
I am using a bit of JavaScript like this:
echo '<a href="javascript:playSong'."('$row[artist]','$row[title]','$row[sourcefile]')".'">';
My problem is that sometimes my $row[artist] and $row[title] variables contain double qoutes.
When this happens it breaks the javascript:playSong(); function call.
For example if the line was output like this:
<a href="javascript:playSong('Danny Elfman','Beetlejuice Theme (Kamei Halloween Edit)','2009-10-31-10-52-01.4521.data','28330')">
Everything would be fine.
But sometimes the function will look like this:
<a href="javascript:playSong('Danny Elfman','Beetlejuice "Theme" (Kamei Halloween Edit)','2009-10-31-10-52-01.4521.data','28330')">
Which would then cause my site to think the command ends at the double quote before "Theme" and thus cause it to fail.
Is there a way I should be properly quoting my javascript so it treats double quotes inside the function as text and no the end of the function.
I am using addslashes() and have tried various other encodings but nothing like that seems to work.
Upvotes: 0
Views: 396
Answers (3)
Reputation: 11563
Escaping ONLY with backslash won't help you because you also need to escape them in html, try using ' for single quotes and " for double quotes in your embedded js functions.
This should do what you need.
Sinan.
Upvotes: 1
Reputation: 4012
Edit: Oh. You need to escape it in html. Try htmlspecialchars:
Upvotes: 0
Reputation: 943142
The best solution here is to stop using href="javascript:… and start using unobtrusive JavaScript and progressive enhancement.
If you do want to continue down this route, then you need to remember that you are dealing with three different languages and generating one from the other in a chain.
Start with the JavaScript. Then make it work with the HTML. Then make it work with the PHP.
javascript:playSong('Danny Elfman','Beetlejuice "Theme" (Kamei Halloween Edit)','2009-10-31-10-52-01.4521.data','28330')
There are no syntax errors here. You just have double quotes in a string.
href="javascript:playSong('Danny Elfman','Beetlejuice "Theme" (Kamei Halloween Edit)','2009-10-31-10-52-01.4521.data','28330')"
Now you hava nested the JavaScript in an HTML attribute which is delimited with double quotes. This means that the double quotes in the JS are now a problem as it terminates the attribute value half way through the script.
Deal with these quotes in the usual way for HTML. Replace them with an HTML entity: "
href="javascript:playSong('Danny Elfman','Beetlejuice "Theme" (Kamei Halloween Edit)','2009-10-31-10-52-01.4521.data','28330')"
Then we get to the PHP:
echo '<a href="javascript:playSong'."('$row[artist]','$row[title]','$row[sourcefile]')".'">';
Dealing with quotes inside quotes inside quotes is a pain. So don't try.
href="javascript:playSong('<?php echo $row[artist] ?>','<?php echo $row[title] ?>','<?php echo $row[sourcefile]; ?>')"
You seem to have lost an argument between examples there.
Follow the normal rules for dealing with inserting content into HTML with PHP: htmlspecialchars
href="javascript:playSong('<?php echo htmlspecialchars($row[artist]); ?>','<?php echo htmlspecialchars($row[title]); ?>','<?php echo htmlspecialchars($row[sourcefile]); ?>')"
Upvotes: 3
Related Questions
- How to prevent error with quotation marks in JavaScript?
- PHP Inside JavaScript - Quotes Issue?
- calling javascript function from PHP - quotes issue
- PHP variable (with quotes) in JavaScript
- error using quote marks
- How to get line of code to accept single quote
- Problems with quotes when writing javascript code in PHP
- remove quotes from variable in javascript?
- Quotes problem when passing value to Javascript
- Javascript variable in quotes