echo display $content

Question

Short example of my problem:

$myname = "Blah Blah";

$content = "<table><tr><td>".$myname."</td></tr></table>";

<?php
echo "<table><tr><td>".$myname."</td></tr></table><form name='makepdf' action='make_pdf.php?content=$content' method='POST'><button class='cupid-green' name='submitpdf'>Prenos PDF</button></form>";
?>

I will catch $content in make_pdf.php file later...

But the problem is that I get double display of $content where echo is presented. But if I change action='make_pdf.php?content=test' it works OK. I also catch $content in make_pdf.php.

I tried to make:

<input type='hidden' name='content' value='$content'>

I get similar or worse results because I don't catch $content = $_GET['content']; in make_pdf.php

Any solution?

Answer 1

in PHP

<?php echo "<input type='hidden' name='content' value='" . $content . "'>";

?>

in HTML

<input type="hidden" name="content" value="<?php echo htmlspecialchars($content); ?>">

Answer 2

Encode it using PHP's htmlspecialchars function:

value="<?php echo htmlspecialchars($content); ?>"

Answer 3

Try to avoid echo-ing static HTML from PHP, it just complicates things.

You need to encode the markup for use in a value attribute using htmlspecialchars(). For example

?>

<input type="hidden" name="content" value="<?= htmlspecialchars($content) ?>">

<?php