Escape string with PHP and HTML

Solution 1

Example 1: Variable between single quotes

If you use single quotes everything between them will always be treated as part of the string.

$output .= '<div class="tab-pane" id="' . $type . '">";

Example 2: Variable between double quotes (option 1)

If you have a variable that you want to pass in a string you can just put it in there if you use double quotes and de variable is nog 'touching' the other words. It should always have spaces.

$output .= "<p>i would like to $your_text_here with you.</p>";

Example 3: Escaping quotes in a string

Escaping characters in a string can be done by using a \ (backslash) before the character you want to escape.

$output .= "<div class=\"tab-pane\" id=\"example-id\">";

Example 4: Variable between double quotes without spaces next to it

You can place your variable between {} braces if you use double quotes (option 2)

$output .= "<div class=\"tab-pane\" id=\"{$type}\">";

This question was however already answered in Mixing PHP variable with string literal

Solution 2

Your first block is doing string replacements, but then you use the ORIGINAL string, not the replaced one:

$output .= '<div class="tab-pane" id="' . $functionName . '">';

would be more correct. On the second one, you're escaping the ' quotes, which means that you never terminate the string, meaning that the . $type . portion is treated as plaintext within the string, not a PHP concatenation operation. Try

$output .= '<div class="tab-pane" id="' . $type . '">';

instead. note the LACK of backslash escapes.

And of course, you could use a HEREDOC, eliminating any need to escape quotes entirely:

$output .= <<<EOL
<div class="tab-pane" id="{$functioName}">
EOL;

Author by

user3312508

Updated on June 04, 2022