1

So here's the problem. I have data in a MySQL DB as text. The data is inserted via mysql_real_escape_string. I have no problem with the data being displayed to the user.

At some point I want to pass this data into a javascript function called foo.

// This is a PHP block of code
// $someText is text retrieved from the database

echo "<img src=someimage.gif onclick=\"foo('{$someText}')\">";

If the data in $someText has line breaks in it like:

Line 1
Line 2
Line 3

The javascript breaks because the html output is

<img src=someimage.gif onclick="foo('line1
line2
line3')">

So the question is, how can I pass $someText to my javascript foo function while preserving line breaks and carriage returns but not breaking the code?

===========================================================================================

After using json like this:

echo "<img src=someimage.gif onclick=\"foo($newData)\">";

It is outputting HTML like this:

onclick="foo("line 1<br \/>\r\nline 2");">

Which displays the image followed by \r\nline 2");">

Improve this question
3

4 Answers 4

Reset to default
2

json_encode() is the way to go:

$json = json_encode($someText); # this creates valid JS
$safe = HtmlSpecialChars($json); # this allows it to be used in an HTML attribute
echo "<img src=someimage.gif onclick=\"foo($safe)\">";

You can see a demo here: http://codepad.org/TK45YErZ

Improve this answer
6
  • I've updated the question after using json. Any suggestions for the problem that is occurring? Commented Apr 3, 2012 at 23:22
  • Updated with the bit you're probably missing - quotes inside quotes need to be html escaped too. Commented Apr 3, 2012 at 23:25
  • That was what I needed Cal. Thank you very much. As soon as I have 15 reputation I will vote this up. Thanks again! Commented Apr 3, 2012 at 23:34
  • One more question if you're still around. Now that it has passed to my script, I'm having the data display in a textarea to the user, however I don't want the data to be shown with <br /> etc, is there a javascript equivalent to json_decode()? Commented Apr 3, 2012 at 23:39
  • it sounds like you're storing the '<br>' in your database, which is probably not what you want to be doing. you could solve it a few ways, but an easy hack would be to do document.getElementById('my-textarea').innerHTML = the_data; so that the browser decodes the HTML for you. Commented Apr 3, 2012 at 23:44
0

If I'm not interpreting badly you may do this:

// This is a PHP block of code
// $someText is text retrieved from the database

echo "<img src=someimage.gif onclick=\"foo('{".trim( preg_replace( '/\s+/', ' ',$someText ) )."}')\">";
Improve this answer
1
  • This will remove any kind of new line and effectively alter $someText. Commented Apr 3, 2012 at 22:49
0

You'll save yourself a lot of headaches by pulling the JavaScript out of the HTML:

<img id="myImage" src="someimage.gif"/>
<script type="text/javascript">
    var str = <?php echo json_encode($json); ?>;
    document.getElementById('myImage').addEventListener(
        'click',
        function() {
            foo(str);
        }
    );
</script>

Or something similer...

Improve this answer
0

Only json_encode() is enough to escape the new line

echo "<img src=someimage.gif onclick=\"foo(".json_encode($newData).")\">";
Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.