Please notice the addslashes($model->subject) part in the code below. If the subject contains single quote, it works fine but if it has double quote, javascript generates error and treats that the onclick method ends on the double quote character. How to solve that error?
$string.=" <a href='#' class='' data-toggle='modal' "
. "onclick=\"to_edit('" . $model->id . "','" . $model->doc_type_level_1 . "','" . $model->doc_type_level_2 . "','" . $model->doc_type_level_3 . "','" . addslashes($model->subject) . "','" . $model->date . "',"
. "'" . $model->date_release . "','" . $model->is_confidential . "'"
. ")\" "
. "data-target='#modal_doc' ><span class='fa fa-pencil'></span></a>";
You should use htmlspecialchars to convert these entities, use following code:
htmlspecialchars($model->subject, ENT_QUOTES);
Related
I'm calling the script below, now I need to be able to send two values to test23.php like
myFunction20(url,url2)
Can someone please help?
<script>
function myFunction20(url) {window.open('test23.php?id=' + url, "_blank", "toolbar=no,scrollbars=no,resizable=no,top=70,left=50,width=1200,height=500");}</script>
PHP Code
echo "<td>" .'<a href= javascript:myFunction20("'.$row['Account_Number'].'","'.$row['Account_Number'].'")>'.$row['Name'].'</a>' . "</td>";
Just add a second key/value pair to the querystring:
function myFunction20(url) {
window.open('test23.php?id=' + url + "&SECOND_KEY=" + "SECOND_KEY_VALUE",
"_blank",
"toolbar=no, scrollbars=no, resizable=no, top=70, left=50, width=1200, height=500");
}
you should wrap up the PHP variables in quotes and pass it your JS function
<?php
$parameter1 = "'" . $row['Account_Number'] . "'";
$parameter2 = "'" . $row['Account_Number'] . "'";
echo
'<td>
<a href= javascript:myFunction20(' . $ip . ',' . $id . ')>' . $row["Name"] . '</a>
</td>';
Your JS function
<script>
function myFunction20(url, url2) {
window.open('test23.php?id=' + url + '&' + url2, "_blank", "toolbar=no,scrollbars=no,resizable=no,top=70,left=50,width=1200,height=500");
}
</script>
Im retrieving a value from my db, displays on screen as a 0.
echo "<article>" . $gr_display['status'] . "</article>";
Then when im clicking on this DIV i want to send both status and id to my JS function, edit. The ID of this object is 79
echo "<div onclick='edit( " . $gr_display['status'] . "." . $gr_display['id'] . " )' </div>";
Then the start of my script
function edit(status, id) {
console.log(status, id ); some code later }
But im ending up with the result that id and status is combined into one sett of value, leaving the other one "undefined"
From console log: 0.79 undefined
Please make a clarity between PHP and JavaScript. You need to use the right separator and separate.
echo "<div onclick='edit( " . $gr_display['status'] . ", " . $gr_display['id'] . " )'> </div>";
//-----------------------------------------------------^
Replace . with ,. Also please use > for the opening <div>. You forgot to close your opening div.
you have at typo change the . into, between the 2 variables
echo "<div onclick='edit( " . $gr_display['status'] . "," . $gr_display['id'] . " )'> </div>";
//---------------------------------------------------------^
or better use data-attributes
echo "<div class='edit-element' data-status='" . $gr_display['status'] . "' data-id='" . $gr_display['id'] . "'></div>";
$('.edit-element').click(function(){
console.log($(this).attr('data-status'),$(this).attr('data-id'));
});
replace div with this:-
echo "<div onclick='edit( " . $gr_display['status'] . "," . $gr_display['id'] . " )' </div>";
The problem is causes by this line:
echo "<div onclick='edit( " . $gr_display['status'] . "." . $gr_display['id'] . " )' </div>";
Notice that between the two arguments you put a '.' instead of a ',' (a comma). That way, the second argument in your JS function does not have a value
Your code has two issues
You haven't close opening div tag
Use , to separate two parameters
echo "<div onclick='edit( " . $gr_display['status'] . ", " . $gr_display['id'] . ")'>ddd </div>";
<script type="text/javascript">
function edit(status, id) {
alert(status);
alert(id);
}
</script>
I have a JS Function:
function zoom(now) {
document.getElementById("popup").style.display = "block";
document.getElementById("photos").style.backgroundImage = "url('" + now + "')";
}
And I have echoed in php, which has onclick function
echo
"<td style='background: url(" . $row['thumbnails'] . ")' onclick='zoom(" . $row['imagelink'] . ")'></td>";
So it says
Uncaught SyntaxError: Unexpected token ILLEGAL.
When I put just 1.jpg in php instead of imagelink it works. but not with $row['imagelink']. I absolutely need to change background image, so please if anyone can help or give me a different option in JS, PHP, HTML only. Thank you
You are missing quotes in the php, so it generates invalid HTML
echo '<td style="background: url(' . $row['thumbnails'] . ')" onclick="zoom(\'' . $row['imagelink'] . '\')"></td>';
I assume the $row['imagelink'] variable contains a filename string, eg 'file.jpeg'.
When echoed in PHP, the HTML onclick attribute would be
The quotes around file.jpeg are missing, so the PHP should be:
"<td style='background: url(" . $row['thumbnails'] . ")' onclick='zoom(\"" . $row['imagelink'] . "\")'></td>";
On my website, I have a JavaScript function that saves data into a MySQL database. It works by sending the data to a PHP file, which processes it, and then inserts it into the database.
I was fiddling around with it, and it no longer inserts new information into the database. It still works fine when updating existing information in the database, but when I try to add new information in, nothing happens, The information is not there, and no error is displayed.
Here is my PHP code: (Obviously, I have already connected and selected the database)
$query = mysql_query( "insert into parts values( 0, " . mysql_escape_string( $objectID ) . ", " . $objectStackID . ", " . $objectCardID . ", '" .
mysql_escape_string( $objectProperties['name'] ) . "', '" .
mysql_escape_string( $objectProperties['partorder'] ) . "', '" .
mysql_escape_string( $objectProperties['top'] ) . "', '" .
mysql_escape_string( $objectProperties['left'] ) . "', '" .
mysql_escape_string( $objectProperties['width'] ) . "', '" .
mysql_escape_string( $objectProperties['height'] ) . "', '" .
mysql_escape_string( $objectProperties['stype'] ) . "', '" .
mysql_escape_string( $objectProperties['value'] ) . "', '" .
mysql_escape_string( $objectProperties['script'] ) . "', '" .
mysql_escape_string( $objectProperties['visible'] ) . "', '" .
mysql_escape_string( $objectProperties['disabled'] ) . "', '" .
mysql_escape_string( $objectProperties['style'] ) . "', '" .
mysql_escape_string( $objectProperties['family'] ) . "' )" );
if( ! $query )
{
logThis('Could not enter data: ' . mysql_error());
}
else
{
logThis("inputted sucessfully - here come the objectprops");
logThis("Button properties:");
logThis("Name: " . $objectProperties['name']);
logThis("Part order: " . $objectProperties['partorder']);
logThis("Top: " . $objectProperties['top']);
logThis("left: " . $objectProperties['left']);
logThis("width: " . $objectProperties['width']);
logThis("height: " . $objectProperties['height']);
logThis("stype: " . $objectProperties['stype']);
logThis("value: " . $objectProperties['value']);
logThis("script: " . $objectProperties['script']);
logThis("visible: " . $objectProperties['visible']);
logThis("disabled: " . $objectProperties['disabled']);
logThis("style: " . $objectProperties['style']);
logThis("family: " . $objectProperties['family']);
}
The logThis function writes the contents to a txt file, which is useful for debuging. In the txt file, I receive the message "inputted successfully - here come the objectprops" followed by the values (that should have been) inserted into the database. However, when I look at the database, nothing has been added.
This code did work fine at one point, however, I have been editing it on and off for about 6 months now, only testing to see if it will update information, not create now info (really stupid!), so I have no idea when it was last working, and what I changed to make it stop.
I think that my JavaScript is OK, as PHP receives the correct values (as can be seen from the log), but just does not actually insert them into the database.
Can anyone see what I have done wrong? Nay help at all would be greatly appreciated. I have been staring at this code for a long time now!
Thanks in advance.
EDIT - here is the javascript code, basically it cycls through an array, getting properties of buttons and then sends them to the save php file. Seems to work OK, but there might be a hidden error causing the issue
I would like to know how to pass multiple arguments to the the function with onmouseover event handler in HTML.
Here is the following code in PHP ,
<a href='Page2.php?user=" . $userid . "' target='_blank' onMouseOver=\"writetxt('" . $info "')\" onMouseOut=\"writetxt(0)\">"
I would like to pass 2 arguments to writetxt() function something like this :
writetxt($arg1, $arg2)
<a href='Page2.php?user=" . $userid . "' target='_blank' onMouseOver=\"writetxt('" . $info . "," . $img . "')\" onMouseOut=\"writetxt(0)\">"
Thanks
It should be like...
writetxt('" . $info . "', '" . $img . "');
^ ^
use like this
echo "<a href=\"Page2.php?user=" . $userid ."\" target=\"_blank\" onMouseOver=\"writetxt('" . $info . "','" . $img . "')\" onMouseOut=\"writetxt(0)\">" ;