Probleme php html with quote "

Hi
I try to read a variable $TITLE in e input firl type texte.
Name:
name='titre'
size='60'
maxlength='60'
value='$TITRE'>
";
The probleme is when I have a quote in the title like
mister O'Neil the field give only mister O. The quote has probleme with the
html quote.
how can I go around this problem
regards
claude

Re: Probleme php html with quote "

Claude a écrit :
> Hi
> I try to read a variable $TITLE in e input firl type texte.
> Name:
> > name='titre'
> size='60'
> maxlength='60'
> value='$TITRE'>
> ";
> The probleme is when I have a quote in the title like
> mister O'Neil the field give only mister O. The quote has probleme with the
> html quote.
> how can I go around this problem
> regards
> claude

You should use double quote for every attribute in HTML.


regarding special chars, an option is to use addslashes function. Or
just a str_replace('"', '\"', $TITRE) to handle the double quotes, same
could go for newlines, etc.

Regards,
--
Guillaume

Re: Probleme php html with quote "

On 2 Apr, 13:08, Jerry Stuckle wrote:
> Guillaume wrote:
> > Claude a =E9crit :
> >> Hi
> >> I try to read a variable $TITLE in e input firl type texte.
> >> Name:
> >> > >> name=3D'titre'
> >> size=3D'60'
> >> maxlength=3D'60'
> >> value=3D'$TITRE'>
> >> ";
> >> The probleme is when I have a quote in the title like
> >> mister O'Neil the field give only mister O. The quote has probleme
> >> with the html quote.
> >> how can I go around this problem
> >> regards
> >> claude
>
> > You should use double quote for every attribute in HTML.
> > =3D" > > echo $TITRE; ?>" />
>
> > regarding special chars, an option is to use addslashes function. Or
> > just a str_replace('"', '\"', $TITRE) to handle the double quotes, same
> > could go for newlines, etc.
>
> > Regards,
>
> The correct function to use here would be htmlspecialchars() (or
> htmlentities()).
>

Jerry is right: html allows single quotes to be embedded within double
quotes and viceversa - but obviously this does not account for every
scenario.

Watch out for what you get back - there are various irreversible
versions of the magic quotes option. Going forward they are all
deperecated.

C.

Re: Probleme php html with quote "

Jerry solution works well but I will try guillaume one to

thank very much
claude
"Jerry Stuckle" a écrit dans le message de news:
sNadnTUPIJqs9G7anZ2dnUVZ_sHinZ2d@comcast.com...
> Guillaume wrote:
>> Claude a écrit :
>>> Hi
>>> I try to read a variable $TITLE in e input firl type texte.
>>> Name:
>>> >>> name='titre'
>>> size='60'
>>> maxlength='60'
>>> value='$TITRE'>
>>> ";
>>> The probleme is when I have a quote in the title like
>>> mister O'Neil the field give only mister O. The quote has probleme with
>>> the html quote.
>>> how can I go around this problem
>>> regards
>>> claude
>>
>> You should use double quote for every attribute in HTML.
>>
>>
>> regarding special chars, an option is to use addslashes function. Or just
>> a str_replace('"', '\"', $TITRE) to handle the double quotes, same could
>> go for newlines, etc.
>>
>> Regards,
>
> The correct function to use here would be htmlspecialchars() (or
> htmlentities()).
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstucklex@attglobal.net
> ==================
>

Re: Probleme php html with quote "

Claude schreef:
> Jerry solution works well but I will try guillaume one to
>
> thank very much
> claude

Hi Claude,

Are you going to use them both?
How?

Just use htmlspecialchars(), it is designed for excactly your problem.

Erwin Moller

> "Jerry Stuckle" a écrit dans le message de news:
> sNadnTUPIJqs9G7anZ2dnUVZ_sHinZ2d@comcast.com...
>> Guillaume wrote:
>>> Claude a écrit :
>>>> Hi
>>>> I try to read a variable $TITLE in e input firl type texte.
>>>> Name:
>>>> >>>> name='titre'
>>>> size='60'
>>>> maxlength='60'
>>>> value='$TITRE'>
>>>> ";
>>>> The probleme is when I have a quote in the title like
>>>> mister O'Neil the field give only mister O. The quote has probleme with
>>>> the html quote.
>>>> how can I go around this problem
>>>> regards
>>>> claude
>>> You should use double quote for every attribute in HTML.
>>>
>>>
>>> regarding special chars, an option is to use addslashes function. Or just
>>> a str_replace('"', '\"', $TITRE) to handle the double quotes, same could
>>> go for newlines, etc.
>>>
>>> Regards,
>> The correct function to use here would be htmlspecialchars() (or
>> htmlentities()).
>>
>> --
>> ==================
>> Remove the "x" from my email address
>> Jerry Stuckle
>> JDS Computer Training Corp.
>> jstucklex@attglobal.net
>> ==================
>>
>
>

Re: Probleme php html with quote "

Guillaume wrote:
> Claude a écrit :
>> Hi
>> I try to read a variable $TITLE in e input firl type texte.
>> Name:
>> >> name='titre'
>> size='60'
>> maxlength='60'
>> value='$TITRE'>
>> ";
>> The probleme is when I have a quote in the title like
>> mister O'Neil the field give only mister O. The quote has probleme
>> with the html quote.
>> how can I go around this problem
>> regards
>> claude
>
> You should use double quote for every attribute in HTML.
>
>
> regarding special chars, an option is to use addslashes function. Or
> just a str_replace('"', '\"', $TITRE) to handle the double quotes, same
> could go for newlines, etc.
>
> Regards,

The correct function to use here would be htmlspecialchars() (or
htmlentities()).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Re: Probleme php html with quote "

Erwin Moller a écrit :
> Claude schreef:
>> Jerry solution works well but I will try guillaume one to
>>
>> thank very much
>> claude
>
> Hi Claude,
>
> Are you going to use them both?
> How?
>
> Just use htmlspecialchars(), it is designed for excactly your problem.

Well mine was lazy, since my main point actually was to use double quote
on HTML attributes.
Still using str_replace *can* be added in case the input might have
newlines, which htmlspecialchars won't replace. But that is only for
very special cases, it should usually not be useful in any way.

Still, Jerry had the good point :p

Regards,
--
Guillaume

Re: Probleme php html with quote "

Jerry Stuckle a écrit :
> For newline characters there is nl2br().
Yep, but you might want something else (or nothing) than a "
" ^^

Regards,
--
Guillaume

Re: Probleme php html with quote "

..oO(Guillaume)

>Claude a écrit :
>> Hi
>> I try to read a variable $TITLE in e input firl type texte.
>> Name:
>> >> name='titre'
>> size='60'
>> maxlength='60'
>> value='$TITRE'>
>> ";
>> The probleme is when I have a quote in the title like
>> mister O'Neil the field give only mister O. The quote has probleme with the
>> html quote.
>> how can I go around this problem
>> regards
>> claude
>
>You should use double quote for every attribute in HTML.

Single quotes are perfectly fine. And even with double quotes you have
to escape some characters or you will have the same problem again.

Micha

Re: Probleme php html with quote "

..oO(Jerry Stuckle)

>For newline characters there is nl2br().

Only if you want XHTML, it's not suitable for HTML.

Micha

Re: Probleme php html with quote "

Guillaume wrote:
> Erwin Moller a écrit :
>> Claude schreef:
>>> Jerry solution works well but I will try guillaume one to
>>>
>>> thank very much
>>> claude
>>
>> Hi Claude,
>>
>> Are you going to use them both?
>> How?
>>
>> Just use htmlspecialchars(), it is designed for excactly your problem.
>
> Well mine was lazy, since my main point actually was to use double quote
> on HTML attributes.
> Still using str_replace *can* be added in case the input might have
> newlines, which htmlspecialchars won't replace. But that is only for
> very special cases, it should usually not be useful in any way.
>
> Still, Jerry had the good point :p
>
> Regards,

For newline characters there is nl2br().

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Re: Probleme php html with quote "

To finish No I won't use both but only the one Jerry told us which works
fine
Regards
claude
"Michael Fesser" a écrit dans le message de news:
iu87v35d1vrniabvjadvkfk98lo343m64m@4ax.com...
> .oO(Guillaume)
>
>>Claude a écrit :
>>> Hi
>>> I try to read a variable $TITLE in e input firl type texte.
>>> Name:
>>> >>> name='titre'
>>> size='60'
>>> maxlength='60'
>>> value='$TITRE'>
>>> ";
>>> The probleme is when I have a quote in the title like
>>> mister O'Neil the field give only mister O. The quote has probleme with
>>> the
>>> html quote.
>>> how can I go around this problem
>>> regards
>>> claude
>>
>>You should use double quote for every attribute in HTML.
>
> Single quotes are perfectly fine. And even with double quotes you have
> to escape some characters or you will have the same problem again.
>
> Micha