How can we escape all double quotes in prestashop? - javascript

I'm using prestashop as a cms and i want to display specific products on a page.
I found a module to do so by writing for example this line of code : [ph-product-cms id="1"] which will be converted at the execution into many lines of code with multiple quotes to display the products
The thing is when i try to use innerhtml like this : document.getElementsByClassName('test0 prod')[0].innerHTML = "[ph-product-cms id="1"]"; it shows Uncaught SyntaxError : Unexpected identifier
I tried single quotes but it doesn't work either.

Wherever you find double-quotes put a \ before them to escape them. For example,
\[ph-product-cms id=\"1\"]

Related

PHP JavaScript - Escaping variables written like ${HOST}

How to escape variables from DB like ${HOST}?
The situation happens when there is some code posted in tags <pre><code>.
If it remains as it is there's the error
Uncaught ReferenceError: HOST is not defined.
It's needed in a context where it's required to use the character ` for enclosure to prevent the error (it's a multiline content)
Uncaught SyntaxError: '' string literal contains an unescaped line break
The line generating error it's
e.setContent(escape(`<? echo $getpost["post"]; ?>`));
It gives the same error also by using
htmlspecialchars(addslashes())
This line:
e.setContent(escape(`<? echo $getpost["post"]; ?>`));
ends in your code as:
e.setContent(escape(`bla
bla2
bla3
`));
Because the $getpost["post"] contained newlines.
And your javascript isn't happy about the newlines.
Solution?
That depends on what you are trying to achieve, but you have to escape your newline somehow.
For example, replace it by \n, or NEWLINE and replace it back later.
Hard to say, but the reason for your error is the newline

AngularJS format string inside double braces using replace() with regex

I am trying to format a MAC address in a table that is populated using AngularJS:
<tr ng-repeat="dev in devices">
<td>{{dev.mac.replace(/(.{2})/g,"$1:")}}</td>
</tr>
{{dev.mac}} works just fine (aside from being unformatted), but when I add the .replace() function it breaks. I tried escaping the forward slash based on the error I received, which didn't help. Is .replace() not available inside the browser or is there a different syntax for regex inside the double braces or what am I doing wrong?
The goal is to convert AABBCCDDEEFF into AA:BB:CC:DD:EE:FF as easily as possible within the double braces. As a bonus question, how do I prevent the trailing ':' in the regex (it currently prints AA:BB:CC:DD:EE:FF:)?
Edit: Adding the error message
Error: $parse:syntax
Syntax Error
Syntax Error: Token '/' not a primary expression at column 20 of the
expression [dev.mac.replace(/(.{2})/g,"$&:")] starting at
[/(.{2})/g,"$&:"].
That seems to indicate the forward slash is causing the problem, but like I said, escaping it doesn't help.
Rather than running your replace inline like that, it'd be better to abstract that out into a function, that should fix any issues you're having with it not getting interpreted correctly. This article shows the right syntax for declaring a function on the scope to call here: function call inside Angular double curly braces, it should be something like this
$scope.fixMacAddress = function(addr)
{
return addr.replace(/(.{2})/g,"$1:")
}
and
{{ fixMacAddress(dev.mac) }}

jade syntax error how to send json to js ?

a(href="#" id="pickndroppoints" data-pickuppoints="[{"Id":"HGHD","Time":"2014-01-28 21:00:00.0","Name":"Beach Road"}]")
jade compile give systax error Unexpected identifier
Is there a way to do this ? I need to send json and based on it certain event is triggered using js
your attribute value for data-pickuppoints is breaking at.
data-pickuppoints="[{"Id":"HGHD","Time":"2014-01-28 21:00:00.0","Name":"Beach Road"}]"
as you have double quotes inside the json data. make it like
data-pickuppoints='[{"Id":"HGHD","Time":"2014-01-28 21:00:00.0","Name":"Beach Road"}]'
or escape the double quotes
I would say, as jade parameter are regular javascript, that you only have to use single quotes so the value wont break :
a(href="#" id="pickndroppoints" data-pickuppoints='[{"Id":"HGHD","Time":"2014-01-28 21:00:00.0","Name":"Beach Road"}]')
But I am not on my computer so I cant test.

Javascript syntax - triple quotes in a single line

Following my code:
<div onclick="this.innerHTML='<div onclick=\"<img src=/*how to do here?*//>\">abc</div>'">a</div>
I would like to do everything on one line, can I specify the address of the image with the current example code or not?
Use " to represent a " character in an HTML attribute value delimited with " characters.
(Use & to represent a & character in an HTML attribute value, so if you want to nest insanely then: &quot;)
But don't do this.
Writing everything on a single line in not a virtue.
Writing JS in an onclick attribute instead of a .js file is not a good thing.
Use addEventListener and friends.

Too many quotes within quotes -- what to do?

Here is a section of code used by CKEditor on my website:
CKEDITOR.config.IPS_BBCODE = {"acronym":{"id":"8","title":"Acronym","desc":"Allows you to make an acronym that will display a description when moused over","tag":"acronym","useoption":"1","example":"[acronym='Laugh Out Loud']lol[/acronym]", ...
If you scroll to the right just a little, you will see this:
"[acronym='Laugh Out Loud']lol[/acronym]"
I need to store all of the CKEditor code inside a javascript string, but I can't figure out how to do it because the string has both " and ' in it. See the problem? Furthermore, I don't think I can just escape the quotes because I tried doing that and the editor didn't work.
Any idea what I can do?
You might try taking the string and injecting JavaScript escape codes into it. JavaScript can essentially use any unicode value when using the format: \u#### - so, for a ' character, the code is \u0039, and for the " character, the code is \u0034.
So - you could encode your example portion of the string as:
\u0034[acronym=\u0039Laugh Out Loud\u0039]lol[/acronym]\u0034
Alternatively, you could attempt to simply escape the quotes as in:
\"[acronym=\'Laugh Out Loud\']lol[/acronym]\"
The problem here occurs when you wind up with this kind of situation:
"data:{'prop1':'back\\slash'}"
Which, when escaped in this manner, becomes:
"data:{\'prop\':\'back\\\\slash\'}\"
While this is somewhat more readable than the first version - de-serializing it can be a little tricky when going across object-spaces, such as a javascript object being passed to a C# parser which needs to deserialize into objects, then re-serialize and come back down. Both languages use \ as their escape character, and it is possible to get funky scenarios which are brain-teasers to solve.
The advantage of the \u#### method is that only JavaScript generally uses it in a typical stack - so it is pretty easy to understand what part should be unescaped by what application piece.
hmm.. you said you already tried to escape the quotes and it gave problems.
This shouldn't give problems at all, so try this:
$newstring = addslashes($oldstring);
There's no need to use Unicode escape sequences. Just surround your string with double quotes, and put a backslash before any double quotes within the string.
var x = "\"[acronym='Laugh Out Loud']lol[/acronym]\"";

Categories