Marek Kilimajer wrote:
Jack Jackson wrote:
Murray @ PlanetThoughtful wrote:
If I want to make a link to a URL which includes some GETs can I
just do:
<a href='{$_SERVER['PHP_SELF']}?p={$p}&c={$s}' ... etc etc
or must I escape the ampersand somehow?
...
You should use & for all document types, not only xhtml
AFAICR the specification[s] go[es] further than that. all relevant
chars should be converted to their htmlentity equivelant if that
char appears inside the attribute of an *ML element. i.e.
you should really be escaping, for instance, title and alt
atrtibute values (e.g. for IMG or A tags).
I don't know which chars exactly make up the relevant set but
htmlentities() and its friends have a good idea :-)
e.g.: http://php.net/manual/en/function.get-html-translation-table.php
anyway, its best to get this kind of thing working first then
fix any validation errors. also I personally just use '&' as the
seperator in my code and if it doesn't break anything i use
an output filter to change all '&' inside urls (inside href, src attribs etc)
to '&' - I find using '&' (or allowing both '&' and '&')
inside my code makes it alot harder to do URL manipulation/augmentation).
also take a lot at the http_build_query() function (php5 only) which
I find very useful in creating complex query strings.
lastly here is a little function thats capable of replacing all
occurances of '&' with '&' without buggering up already occuring
instances of '&' ...
function properAmpersands($url)
{
return preg_replace("/(&)(?!amp;)/","&",(string)$url);
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
