Escape double quotes with variable inside HTML echo
83,660
Solution 1
Some tips on outputting HTML with PHP:
- Use single quotes so that you don't have to escape the double quotes (when using echo),
- Use
htmlspecialchars()to properly escape any "rogue" values you may have.
Example using echo:
echo '<input type="hidden" name="id" value="', htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8'), '" />';
Or printf():
printf('<input type="hidden" name="id" value="%s" />',
htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8')
);
Or, in HTML mode:
?>
<input type="hidden" name="id" value="<?php echo htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8'); ?>" />
<?php
Solution 2
Use htmlentities:
echo "<input type=\"hidden\" name=\"id\" value=\"".htmlentities($row['id'])."\" />";
Author by
swiftsly
Updated on July 03, 2020Comments
-
swiftsly almost 4 years
For a variable inside a echo that contains HTML, where would I add slashes to escape the double quotes?
Example:
echo "<input type=\"hidden\" name=\"id\" value=".$row['id']." />";This part:
value=".$row['id']."