|
|
Posted by "Satyam" on 09/28/21 11:18
in htmlentities() use the second optional argument with a value of
ENT_QUOTES, which will escape also single quotes and is not the default.
Satyam
ps: which I didn't know and just read in the manual.
"Leila Lappin" <galaxylappin@optonline.net> wrote in message
news:JGENLMMBFKOGCEDPPLENCEAKCDAA.galaxylappin@optonline.net...
> Hello all,
>
> I hope this hasn't been answered a zillion times already, I've tried
> everything I know and nothing has worked. The following is the PHP
> statement
> and the HTML rendering. The apostrophe is displayed as is and breaks the
> browser. May be I am wrong but I was under the impression that escaping
> special characters with one of the these, htmlspecialchars, htmlentities,
> and addslashes would replace them with encoded (hex?) value so they wont
> break the browser. But it hasn't worked that way. I am using
> charset=iso-8859-1. This is my PHP:
>
> === This is the PHP ===
> <li>
> <a href="#"
> onclick='document.form1.how.value="<?=htmlentities($row['how'])?>";
> document.form1.factor.value="<?=addslashes($row['factor'])?>";document.form1
> ..submit();'><?= addslashes($row['factor'])?>
> </a>
> </li>
>
> ====== This is the rendering =======
> ====== (note the heart's apostrophe breaks IE and firefox) ===
> <li>
> <a href="#" onclick='document.form1.how.value="Pulmonary edema is a
> condition in which fluid accumulates in the lungs, usually because the
> heart's left ventricle does not pump adequately. In cases of severe
> pulmonary edema, the symptoms will worsen and include A drop in blood
> pressure resulting in a thready pulse.";
> document.form1.factor.value="Pulmonary
> edema";document.form1.submit();'>Pulmonary edema
> </a>
> </li>
Navigation:
[Reply to this message]
|