auto escape double quotes in php. anyone?

DingDang · #1 (**permalink**) 17-09-2003, 03:41 PM

so, as u can see from my forum, erakan.net, now i'm using PHPNuke as my backend. as a newbie in PHP, here is my question :

does PHP support auto escape for double quotes? like in Perl, i used to write :

$myvar =qq~i can use "as" many as """"double"""" quotes in here bcoz perl have qq = that is stand for "Double Quote"~;

but with PHP, i saw many people are using something like this :

$myvar = "i have to \"be\" carefull here so i don't forget to escape my \"double\" quotes!";

any info?

thank you.

lcf · #2 (**permalink**) 17-09-2003, 04:28 PM

\x is the character escape way for PHP.

I think php functions: htmlentities() and html_entity_decode() are what you want.

sufyan · #3 (**permalink**) 17-09-2003, 04:32 PM

In php, you can't use your double quotes like in Perl or ASP, but what you can do is use "double quotes" with 'single quotes'. For example:

PHP Code:


			
$var = 'This "is" an example!';

echo $var;

or the other way around also works.

lcf · #4 (**permalink**) 17-09-2003, 04:51 PM

suryan is right.

note: variable will not be printed as its value in between single quote.

PHP Code:


			
$a = "variable";

$var = 'This "is" a $a!';

echo $var;

the result will be: This "is" a $a!
,and Not: This "is" a variable!

DingDang · #5 (**permalink**) 18-09-2003, 12:16 AM

yup.. that is a problem when we use single quotes instead of double. urmm.. do we need to escape single quotes when using single quotes? :/

anyway, i don't think using htmlentities() is a perfect choice for this case because it will convert quote to html code, and that is not we want. what if the variable is holding a code for form?

so, is there any \"easy\" aproach escaping the quotes in PHP without manually doing it and mess the whole HTML codes with \"escape quote\"?

i really miss my qq in perl

lcf · #6 (**permalink**) 18-09-2003, 01:02 AM

"do we need to escape single quotes when using single quotes?" -- I think so.

you already knew the 'easy' way. ( \" )
dun be lazy lah~ :P

U use so many quotes until need a lazy way to do it? hehehe...

DingDang · #7 (**permalink**) 18-09-2003, 01:27 AM

i see.. so that is the only way of doing quote thingy in PHP.

Quote:

U use so many quotes until need a lazy way to do it? hehehe...

no larr.. i just curious because PHP said to be EASY and FASTER (in term of programming), but if i want to build a form, WAAAWIII!!!, \"i\" \"really\" \"need\" \"something\" \"to\" \"automagically\" \"escape\" \"this\" \"!\"\"!\"\"!\"

second, it really mess out the codes. like when u use visual basic and need to insert a variable using & var & inbetween the string... that is soooooooooooooooo annoying!

PHP need to have qq like Perl does. if they can think about htmlentities(), why not move one step ahead and introduce qq...

anyway, i welcome myself to the world of PHP.. and my first step is to create a macros for auto \"

MHR · #8 (**permalink**) 18-09-2003, 08:12 AM

kalau aku la, aku disable magic gpc then just addslashes kat form tu punya value before inserting into db. tak yah la tulis \"

MHR · #9 (**permalink**) 18-09-2003, 08:13 AM

PHP Code:


			
function slash_array(&$array)

    {

        if(is_array($array))

        {

            if (get_magic_quotes_gpc () == "0")

            {

                reset($array);

                while(list($key,$val)=each($array))

                {

                    if(is_string($val))

                    {

                        $array[$key]=$this->addslashes($val);

                    }

                    elseif(is_array($val))

                    {

                        $array[$key]=slash_array($val);

                    }

                }            

            }

        }



        return $array;

    }

tak pun guna function ni, so just $_POST = slash_array($_POST);

whatever suits you man... im just giving suggestions

MHR · #10 (**permalink**) 18-09-2003, 08:15 AM

umm, just read the post above, kalau ko nak buat string on the other hand, kena bubuh slash tu manually. haha. tu wajib, takleh lazy²

lcf · #11 (**permalink**) 18-09-2003, 10:02 AM

Quote:

Originally posted by DingDang
i see.. so that is the only way of doing quote thingy in PHP.

no larr.. i just curious because PHP said to be EASY and FASTER (in term of programming), but if i want to build a form, WAAAWIII!!!, \"i\" \"really\" \"need\" \"something\" \"to\" \"automagically\" \"escape\" \"this\" \"!\"\"!\"\"!\"

second, it really mess out the codes. like when u use visual basic and need to insert a variable using & var & inbetween the string... that is soooooooooooooooo annoying!

What is the posibilty you will write a sentence like that?

Very small, rite. Using \" is faster and easier for NORMAL sentences.

Mess out the code? Never have the feeling yet

welcome to PHP world!

DingDang · #12 (**permalink**) 18-09-2003, 10:06 AM

itulah maksud aku.... for string

anyway, consider this :

i have a form/html codes that i want to use in my code, so in PERL, i just copy part of the needed codes from HTML and paste it into PERL without loosing my hair (just change the value with variable and thats it) :

so, with Perl i would write something like this:

$myvar =qq~
<center><b>WOHOO</b><br><br>"I want to say something!"<br><br>
<form action="modules.php?name=$module_name" method="post"><input type="hidden" name="who" value="$username"><input type="hidden" name="op" value="broadcast"><input type="text" size="60" maxlength="255" name="the_message">  <input type="submit" value="SEND"></form></center>
~;

but with PHP...

$myvar = "<center><b>WOHOO</b><br><br>\"I want to say something!\"<br><br><form action=\"modules.php?name=$module_name\" method=\"post\"><input type=\"hidden\" name=\"who\" value=\"$username\"><input type=\"hidden\" name=\"op\" value=\"broadcast\"><input type=\"text\" size=\"60\" maxlength=\"255\" name=\"the_message\">  <input type=\"submit\" value=\"SEND\"></form></center>";

that really mess up my code..

i bet u guys will love the qq function in Perl if u do a lot of strings in ur code.

i have searched the net and failed to find the answer... i guess i have to email a request to zend people... but they are in Israel, which, of course, I hate... so, i guess i have to live with it.

thanx again people.

alien3d · #13 (**permalink**) 30-11-2003, 02:39 PM

takyah bubuh kan senang
e.g
print"<form method=post ...";
Aku buat program tak bubuh quote
Tetapi kalau nak masuk database
Katakan <input name=x value=j"jlkjdjfld" >
Kena convert dulu
$c=$x
insert into $c $table

hymns · #14 (**permalink**) 30-11-2003, 04:33 PM

walalala... dak sowang ni...
Oooo en mahluk asing 3d... angpa paham dok diorang bincang about ape? kalau dok tgk post yg bawah tu jo, tak yo la nyampuk. tapi ikut suka hang la kan? ehhee

aler yg form tu, gune je single quote tak leh ke dingdang? yg nak guna quote tu lotakkan je ha slash.. don't lazy² lah...

yak! yak! selamat hari ghaye!

Ben-davis · #15 (**permalink**) 30-11-2003, 09:21 PM

ahaha.... ni musti penin kes makan lemang banyak sangat,.,,,