On 6 August 2010 07:34, Peter Lind <peter.e.lind@xxxxxxxxx> wrote: > On 6 August 2010 04:10, Rick Dwyer <rpdwyer@xxxxxxxxxxxxx> wrote: >> Hi List. >> I've mentioned before that I am both just beginning to learn PHP AND I have inherited a number of pages that I'm trying to clean up the w3c validation on. >> >> Something that confuses me is how the code on the page is written where in one instance, it follows this: >> >> echo "<table border='1'><tr>.... >> >> And elsewhere on the page it follows: >> >> echo '<table border="1"><tr>.... >> >> In what I've read and from many of the suggestions from this board, the latter seems to be the better way to code, generally speaking. >> > > It isn't better or worse. The only thing that makes a difference is > what suits you - stick to what works for you. Both double-quotes and > single-quotes can result in gotchas (in double quotes you have to > escape more, which you have to keep in mind, whereas in single quotes > you have a lot less power, which you might forget). There's no > difference in performance, which leaves just one thing: personal > preference. > > Regards > Peter > > -- > <hype> > WWW: http://plphp.dk / http://plind.dk > LinkedIn: http://www.linkedin.com/in/plind > BeWelcome/Couchsurfing: Fake51 > Twitter: http://twitter.com/kafe15 > </hype> > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > You also have heredoc ... <?php $array = array('value' => 'A "daft" div. Click me and you\'re a numpty.'); echo <<<END_HTML_WITH_EMBEDDED_JS <html> <head> <title>All In One</title> </head> <body> <div>The div below should say that it is a "daft" div and if you click it then you're a numpty.</div> <div class="daft" onClick="alert('You clicked a \"daft\" div and you\'re a numpty');">{$array['value']}</div> </body> </html> END_HTML_WITH_EMBEDDED_JS; ?> will output ... <html> <head> <title>All In One</title> </head> <body> <div class="daft" onClick="alert('You clicked a \"daft\" div and you\'re a numpty');">A "daft" div. Click me and you're a numpty.</div> </body> </html> The above example shows how escaping can be minimized. I've done it manually, but it could have been done by using htmlentities() or htmlspecialchars() with ENT_QUOTES. Only the JS code needed the escaping. The \" because the " is in an attribute value (which used " as the delimiter) and the \' because the ' is used as a string delimiter for the alert() call. Obviously, it IS a bit of a mess. Using normal string concatenation, it becomes a lot harder. <?php $array = array('value' => 'A "daft" div. Click me and you\'re a numpty.'); echo "<html> <head> <title>All In One</title> </head> <body> <div>The div below should say that it is a \"daft\" div and if you click it then you're a numpty.</div> <div class=\"daft\" onClick=\"alert('You clicked a \\\"daft\\\" div and you\'re a numpty');\">{$array['value']}</div> </body> </html>"; ?> So, 3 \. The first \ is to escape the second \, the third to escape the ". Which results in \" which is an escape of the " in the HTML. Now imagine the above string was a search and replace via some regular expression. Sure you _can_ work it out, but sometimes you just keep adding \ until it works. You may need upto 6 \ in a row... or more! Richard. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
