Joined: Dec 02, 2006 Posts: 1364 Location: Texas, USA
Posted:
Mon Apr 11, 2011 8:15 pm
Looking for a function to escape HTML for use in Inline JavaScript, and having trouble believing I would have to create a function to do so...
json_encode works exactly how I want, with a couple of deal breakers... json_encode only works with UTF-8 encoded data, and it also requires php5.2+. Might work great for a future version of RN, but for now??
Only registered users can see links on this board! Get registered or login to the forums!
I suppose if I wrap the script in CDATA I only really need to escape double-quotes, but there has to be a better way, right? Any thoughts?
NOTE: json_encode works in the current version of RN, provided the string does not include UTF characters; in which case it returns null.
Joined: Aug 27, 2002 Posts: 16987 Location: Kansas
Posted:
Mon Apr 11, 2011 10:15 pm
Can you please detail and give an example of what you are trying to do? I'm confused with escaping and encoding/decoding (the mixing of the terms). So I need to understand the context.
Joined: Dec 02, 2006 Posts: 1364 Location: Texas, USA
Posted:
Mon Apr 11, 2011 10:44 pm
Well here's a little more background, I was working on some improvements to the broadcast message function, using a similar notification bar to that used on
Only registered users can see links on this board! Get registered or login to the forums!
Found a nice script that will work from the JS body array so it only needs to load when there is a message to display. But ideally I need to take this:
Code:
<div id="public-message"><div id="public-message-head">Public Message from <a href="modules.php?name=Your_Account&op=userinfo&username=ErwinJohannes">ErwinJohannes</a></div><div id="public-message-foot"><a href="modules.php?name=Your_Account&op=edithome">Turn Off Public Messages</a></div><div id="public-message-body">Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor </div></div>
and escape it like so
Code:
<div id=\"public-message\"><div id=\"public-message-head\">Public Message from <a href=\"modules.php?name=Your_Account&op=userinfo&username=ErwinJohannes\">ErwinJohannes<\/a><\/div><div id=\"public-message-foot\"><a href=\"modules.php?name=Your_Account&op=edithome\">Turn Off Public Messages<\/a><\/div><div id=\"public-message-body\">Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor <\/div><\/div>
Joined: Aug 27, 2002 Posts: 16987 Location: Kansas
Posted:
Mon Apr 11, 2011 11:25 pm
Try this - Forget escaping with \ - use
Only registered users can see links on this board! Get registered or login to the forums!
syntax. Note:
Quote:
Heredoc text behaves just like a double-quoted string, without the double quotes. This means that quotes in a heredoc do not need to be escaped, but the escape codes listed above can still be used. Variables are expanded, but the same care must be taken when expressing complex variables inside a heredoc as with strings.
Code:
echo <<< _SPASTIC_
<div id="public-message"><div id="public-message-head">Public Message from <a href="modules.php?name=Your_Account&op=userinfo&username=ErwinJohannes">ErwinJohannes</a></div><div id="public-message-foot"><a href="modules.php?name=Your_Account&op=edithome">Turn Off Public Messages</a></div><div id="public-message-body">Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor </div></div>
_SPASTIC_
Joined: Dec 02, 2006 Posts: 1364 Location: Texas, USA
Posted:
Mon Apr 11, 2011 11:44 pm
Not real familiar with Heredoc, looks like I have some reading to do
Although I'm not sure if it will help me here. I probably wasn't 100% clear, I need the html output escaped for html validation purposes, since this is an inline javascript.
Code:
<script type="text/javascript">
$(function(){
$("body").bar({
color : "#111111",
background_color : "#FFFFFF",
removebutton : true,
message : "<div id=\"public-message\"><div id=\"public-message-head\">Public Message from <a href=\"modules.php?name=Your_Account&op=userinfo&username=ErwinJohannes\">ErwinJohannes<\/a><\/div><div id=\"public-message-foot\"><a href=\"modules.php?name=Your_Account&op=edithome\">Turn Off Public Messages<\/a><\/div><div id=\"public-message-body\">Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor <\/div><\/div>",
time : 20000
});
}
);
</script>
This could be done by str_replace I just thought I would throw it out there after recently finding json_encode, and wondering if there was a better method that didn't require UTF-8 and/or php 5.2+
View next topic View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
