Menu
When doing this job in PHP,one may meet this kind of issue:
<span title="<?php echo $variable;?>">... The problem is that if $variable contains double quotes,should change it to \"
And that's not the whole story yet:
<span title='<?php echo $variable;?>'>... In this case,we need to change single quotes to \',but leave double quotes as is.
So how can we do it in a general property manner?
600
Attributes are always specified in the start tag (or opening tag) and usually consists of name/value pairs like name="value" . Attribute values should always be enclosed in quotation marks.
HTML attributes are generally classified as required attributes, optional attributes, standard attributes, and event attributes: Usually the required and optional attributes modify specific HTML elements.
You always want to HTML-encode things inside HTML attributes, which you can do with htmlspecialchars:
<span title="<?php echo htmlspecialchars($variable); ?>"> You probably want to set the second parameter ($quote_style) to ENT_QUOTES.
The only potential risk is that $variable may already be encoded, so you may want to set the last parameter ($double_encode) to false.
130
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
