Hi,
Friday, June 10, 2005, 12:05:48 AM, you wrote:
LL> Hello all,
LL> I hope this hasn?t been answered a zillion times already, I've tried
LL> everything I know and nothing has worked. The following is the PHP statement
LL> and the HTML rendering. The apostrophe is displayed as is and breaks the
LL> browser. May be I am wrong but I was under the impression that escaping
LL> special characters with one of the these, htmlspecialchars, htmlentities,
LL> and addslashes would replace them with encoded (hex?) value so they wont
LL> break the browser. But it hasn?t worked that way. I am using
LL> charset=iso-8859-1. This is my PHP:
LL> === This is the PHP ===
LL> <li>
LL> <a href="#"
LL> onclick='document.form1.how.value="<?=htmlentities($row['how'])?>";
LL> document.form1.factor.value="<?=addslashes($row['factor'])?>";document.form1
..submit();'>><?= addslashes($row['factor'])?>
LL> </a>
LL> </li>
LL> ====== This is the rendering =======
LL> ====== (note the heart's apostrophe breaks IE and firefox) ===
LL> <li>
LL> <a href="#" onclick='document.form1.how.value="Pulmonary edema is a
LL> condition in which fluid accumulates in the lungs, usually because the
LL> heart's left ventricle does not pump adequately. In cases of severe
LL> pulmonary edema, the symptoms will worsen and include A drop in blood
LL> pressure resulting in a thready pulse.";
LL> document.form1.factor.value="Pulmonary
LL> edema";document.form1.submit();'>Pulmonary edema
LL> </a>
LL> </li>
What I do to overcome this is in PHP do:
$content = rawurlencode($content);
and in the html javascript:
unescape("$content");
--
regards,
Tom
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
