I am echoing a html form with php which has the following lines:
<a class='btn btn-sm btn-danger pull-right' onClick=return confirm('Delete This account?'); href='".url('deleteuser/'.$order->id)."' >Delete</a>
This correctly goes to the url specified. However, the onClick method is never triggered. Any help is much appreciated.
EDIT: Clarified pure HTML versus echo string.
Put quotes around the onclick attribute value.
i.e. in pure HTML:
onClick="return confirm('Delete This account?');"
So if you are outputting this via echo, you need to escape the respective type of quote characters with a backslash.
echo 'onClick="return confirm(\'Delete This account?\');"';
or
echo "onClick=\"return confirm('Delete This account?');\"";
Upvoted #faintsignal answer because it is correct, your confusion of single quotes is causing, however a much better way to do this is separate the PHP from the HTML:
<?php
foreach($someItem as $someKey => $order){
?>
<a class="btn btn-sm btn-danger pull-right" onClick="return confirm('Delete This account?');" href="<?php echo url('deleteuser/'.$order->id); ?>">Delete</a>
<?php
}
?>
Just providing an alternative, and it's generally considered good practice because you have clear separation of duties and its easier to maintain.
EDIT: provided a super generic example of using foreach, obviously you can mod for your setup but it shows you can separate the function and it will run just fine.
Related
I am using codeigniter 3. Below is the code of the view page, where data inside the $row->poll_question; is coming from the database. Thus, the different values coming inside this variable are echoed on a page called voting.php. And just beside this variable, there is a button called View Poll.
Now, on clicking this button I want to pass the data of this php variable to javascript section. And simply alert and check in javascript. Please help. I have pasted the code I tried.
voting.php
<h3 class="val" id="val" style="color:rgb(158, 158, 158);font-family:
arial;margin-top: 2%;" ><?php echo $row->poll_question; ?></h3>
</td>
<td>
<a class="btn btn-lg btn-primary view_button" id="view_button"
style="margin-left: 18%;padding:10%;border-radius: 10px;"
onclick="fetch_val(<?php echo $row->poll_question ?>)">View Poll</a>
Javascript
function fetch_val(val)
{
alert(val);
}
You have forgot to add quote on '<?php echo $row->poll_question ?>'. Check updated code below
<h3 class="val" id="val" style="color:rgb(158, 158, 158);font-family:
arial;margin-top: 2%;" ><?php echo $row->poll_question; ?></h3>
</td>
<td>
<a class="btn btn-lg btn-primary view_button" id="view_button"
style="margin-left: 18%;padding:10%;border-radius: 10px;"
onclick="fetch_val('<?php echo $row->poll_question ?>')">View Poll</a>
I don't recommend the redundant storage of the string.
You already have the value in your id'ed <h3> tag. Just use that.
Further advice move all stylings to an external stylesheet and use a javascript listener on your #view_button.
You could stay with an inline function call:
<h3 class="val" id="val"><?php echo $row->poll_question; ?></h3>
<a class="btn btn-lg btn-primary view_button" id="view_button"
onclick="fetch_val(document.getElementById('val').innerHTML);">View Poll</a>
Or trigger fetch_val() via a listener written in your javascript (this is the cleaner / more professional way):
document.getElementById('view_button').onclick = function() {
alert(document.getElementById('val').innerHTML);
}
About writing a pure javascript onclick handler: https://stackoverflow.com/a/17633164/2943403
Assigning a custom function to an event:
https://stackoverflow.com/a/24665785/2943403
Using either of my above techniques will remove the possibility of quoting issues caused by questions like What is your mother's maiden name?.
I have a variable in a database that could potentially contain single or double quotes. When I retrieve the variable from the database, it is written with PHP into an inline "onclick" hander:
echo '<li><a onClick="a4e.duplicate_assignment('.$this_assignment['id'].',\''.htmlspecialchars($this_assignment['title'],ENT_QUOTES).'\',\'/assignments/'.$type.'/\');" href="javascript:void(0);">';echo '<i class="fa fa-copy"></i> Duplicate assignment</a></li>';
This produces HTML that looks like this in the page source:
<li><a onClick="a4e.duplicate_assignment(92,'ELLLO - 'If I had a million dollars'','/assignments/cloze/');" href="javascript:void(0);"><i class="fa fa-copy"></i> Duplicate assignment</a></li>
However, clicking the link produces the following error in the console:
Uncaught SyntaxError: missing ) after argument list
I thought using the PHP function "htmlspecialchars" would mitigate this issue, but it doesn't seem to work.
Any help greatly appreciated.
P.S. It is not possible in this case to use a Javascript "onclick" handler - it has to be inline HTML. Also, it is not possible to ban the use of quotation marks in the variable value.
Try using the function:
addslashes()
EDIT: This method will take care of the quotes in the string itself, but may not be suitable if you need to retain quotes for HTML insertion. Read the docs carefully.
http://php.net/manual/en/function.addslashes.php
its because your Unicode (') is also being treated as '
use this
<li><a onClick="a4e.duplicate_assignment(92,'ELLLO - \'If I had a million dollars\'','/assignments/cloze');" href="javascript:void(0);"><i class="fa fa-copy"></i> Duplicate assignment</a></li>
Use json_encode to convert a value to a JavaScript literal (with all necessary escaping).
Use htmlspecialchars to convert a value (such as a JavaScript program) to something safe to place in an HTML attribute value.
$id = $this_assignment['id'];
$title = $this_assignment['title'];
$url = "/assignments/$type/";
$js_id = json_encode($id);
$js_title = json_encode($title);
$js_url = json_encode($url);
$js = "a4e.duplicate_assignment($js_id, $js_title, $js_url);
$html_js = htmlspecialchars($js, ENT_QUOTES);
?>
<li>
<a href="javascript:void(0);" onclick="<?php echo $html_js; ?>">
<i class="fa fa-copy"></i>
Duplicate assignment
</a>
<li>
A better approach would be to use progressive enhancement and non-inline JS. You've ruled that out, but you should try to remove that restriction.
$id = $this_assignment['id'];
$title = $this_assignment['title'];
$url = "/assignments/$type/";
$html_id = htmlspecialchars($id, ENT_QUOTES);
$html_title = htmlspecialchars($title, ENT_QUOTES);
$html_url = htmlspecialchars($url, ENT_QUOTES);
?>
<li>
<a href="<?php echo $html_url; ?>" data-title="<?php echo $html_title; ?>" data-id="<?php echo $html_id; ?>">
<i class="fa fa-copy"></i>
Duplicate assignment
</a>
<li>
<!-- and later -->
<script>
document.querySelector("a").addEventListener("click", duplicate_assignment_handler);
function duplicate_assignment_handler(e) {
e.preventDefault();
a4e.duplicate_assignment(this.dataset.id, this.dataset.title, this.href);
}
</script>
</script>
Hello everyone !
I'm working on a board based on bootstrap, i've got a database filled with sounds informations (name / genre / link soundcloud ...)
In my PHP page, I echo a button which call a JS function with a PHP argument inside.
echo "<button onclick='SCM.queue({title:'".$name[$j]."',url:'".$liensc[$j]."'});'>Click me</button>";
My problem is, when I look at the source code of my page, I'm supposed to have something like :
<button onclick="SCM.queue({title:'Marvin Gaye - Sexual Healing (Kygo Remix)',url:'http://soundcloud.com/kygo/marvin-gaye-sexual-healing'});">Click me</button>
But instead i've got :
<button onclick="SCM.queue({title:" marvin="" gaye="" -="" sexual="" healing="" (kygo="" remix)',url:'http:="" soundcloud.com="" kygo="" marvin-gaye-sexual-healing'});'="">Click me</button>
So, I'm looking for the right synthax :)
Hope someone can help me !
Thank you all
You quote improperly
Try this
echo "<button onclick='SCM.queue({title:\"".$name[$j]."\",url:\"".$liensc[$j]."\"});'>Click me</button>";
https://eval.in/139055
Try as
echo '<button onclick="SCM.queue({title:\''.$name[$j].'\',url:\''.$liensc[$j].'\'});">Click me</button>';
use
echo "<button onclick=\"SCM.queue({title:'".$name[$j]."',url:'".$liensc[$j]."'});\">Click me</button>";
try this
echo "<button onclick=\"SCM.queue({title:'".$name[$j]."',url:'".$liensc[$j]."'});\">Click me</button>";
Example
Use this:
echo "<button onclick='SCM.queue({title:'{$name[$j]}',url:'{$liensc[$j]}'});'>Click me</button>";
If I isolate the code like so:
<html>
<body>
<pre>
<?php
$name[1] = 'Marvin Gaye - Sexual Healing (Kygo Remix)';
$liensc[1] = 'http://soundcloud.com/kygo/marvin-gaye-sexual-healing';
$j = 1;
$line = "SCM.queue({title:'".$name[$j]."',url:'".$liensc[$j]."'});";
echo $line . "\n";
echo "<button onclick='SCM.queue({title:'".$name[$j]."',url:'".$liensc[$j]."'});'>Click me</button>";
?>
</pre>
</body>
</html>
$line and the button show as:
SCM.queue({title:'Marvin Gaye - Sexual Healing (Kygo Remix)',url:'http://soundcloud.com/kygo/marvin-gaye-sexual-healing'});
Which means your syntax is correct.
I'm wondering if you've somehow managed to enter the line you provided in this example correctly but it is different to the one you're using in your real app!
It may also be worth checking that the $name[] variable is indeed passing normal string data.
Normally, I'd make sure that something in the onclick='' part is a variable as it makes it simpler to read because you're not getting as lost in nested single and double quotes.
eg:
$onclick = "SCM.queue({title:'" . $name[$j] . "',url:'" . $liensc[$j] . "'});";
echo "<button onclick='$onclick'>Click me</button>";
Several of the other answers have suggested escaping the quotes out (with a \") which is good, but its probably still better to not have it inline in the echo statement, unless you're really sure of understanding what you're trying to do!
Edit:
Also see: https://eval.in/139090
for an exapmple
The code i want to get into a php statement is
<a href="javascript:void();"
onclick="document.loginfrm.user.value="username";
document.loginfrm.pass.value="password";
document.loginfrm.submit();">login
</a>
So what i would normally do is just surround it with an echo and quotation marks: an then replace any quotation marks in the statement with these --> ('), so that's what i did... and for some reason it seems to misinterpret the sentence severely. Here is the code i enter in php.
echo "<a href='javascript:void();'
onclick='document.loginfrm.user.value='username';
document.loginfrm.pass.value='password';
document.loginfrm.submit();'>". login ."</a>";
And this is how the browser interprets it:
<a href="javascript:void();
" onclick="document.loginfrm.user.value=" username';=""
document.loginfrm.pass.value="password" ;="" document.loginfrm.submit();'="">
login</a>
So yes is there any way around displaying html within php that could get around this problem
Can you try this, added \
echo "<a href=\"javascript:void();\"
onclick=\"document.loginfrm.user.value='username';
document.loginfrm.pass.value=password';
document.loginfrm.submit();\">login </a>";
You need to escape it properly. Try
echo "<a href=\"javascript:void();\"
onclick=\"document.loginfrm.user.value='username';
document.loginfrm.pass.value='password';
document.loginfrm.submit();\">". $login ."</a>";
You're not escaping your quotes. Try:
echo "<a href=\"javascript:void();\"
onclick=\"document.loginfrm.user.value='username';
document.loginfrm.pass.value='password';
document.loginfrm.submit();\">". login ."</a>";
which should produce:
<a href="javascript:void();"
onclick="document.loginfrm.user.value='username';
document.loginfrm.pass.value='password';
document.loginfrm.submit();">login
</a>
As you have it now, you're closing the onclick attribute when you hit the quote at the start of the "username" value, which means the browser is interpreting username as another attribute and it just gets more confused from there...
Edit: sorry, fixed the html, rather than the php code...
You should do something like this..
<a href="javascript:void();"
onclick="document.loginfrm.user.value='username';
document.loginfrm.pass.value='password';
document.loginfrm.submit();">login
</a>
and with php it should be
echo '<a href="javascript:void();"
onclick="document.loginfrm.user.value=\"username\";
document.loginfrm.pass.value=\"password\";
document.loginfrm.submit();">
login
</a>';
I am desperate on this.
I create a list with an image and some description and other data.
The image and the description should be linked the same way.
The description link(onclick event) work fine:
<?php echo (string)$flat.'<br />'; ?>
But around the image it doesn't:
<a href="#" onclick="show_object('<?php echo $itemId.','.$identifier; ?>');return false;">
<img src="<?php echo (string)$image_url; ?>" class="list_image"></img>
</a>
Why? I do not understand, I tried several other ways, with including the onclick into the image, making a span out of the a.. Nothing works.
If I click on the image, I see in the javascript console that the request get started, but it does not load the page.
I do not understand since the two requests are exact same and immitedly behind another (inside a table)
please help!
I think you are missing some quotes:
<a href="#" onclick="show_object('<?php echo $itemId."','".$identifier; ?>');return false;">
<img src="<?php echo (string)$image_url; ?>" class="list_image"></img>
</a>
In your version, you call show_object('someitemid,someidentifier') but you want to call show_object('someitemid','someidentifier') as you do in your first <a>-tag.
How is that "exactly the same" ?
"show_object('<?php echo $itemId."','".$identifier; ?>'); return false;"
"show_object('<?php echo $itemId.','.$identifier; ?>');return false;"
I suggest you double check the quotes, or copypaste the working one into the other, then come back to us if it's not fixed :)