PHP inserted content in javascript?

frigidman

I am trying to find a way to take a string (mostly pulled from a database in a while loop), and place it in a value inside javascript.

Ex:
<?PHP

echo "<SCRIPT LANGUAGE=Javascript>";

while($row = $db->getarow($query)) {
$contents .= "'$row[0]',";
}
echo "var fb_Titles = new Array($contents,'bleah'); ";

echo "</SCRIPT>";
?>

Now, inside the database, the cell could contain titles with spaces, or slashes, or even ascii characters like tiny TM or circle R etc... pretty much ANYTHING.

The question I have, is how do I escape all that so javascript doesn't freak out on the client browser when it gets invalid chars in there?

There is "addslashes();" or "urlencode();" functions ... but I am not finding "javascriptencode();" (or something of the like).

Anyone got any bright ideas? besides making the largest find and replace function the world has ever seen for every character known?

(I posted this a while back, but no one responded... so I will try one last time)

emcb_php

Hi,

Im pretty sure there is not a javascriptencode function (but there should be) so youll probable have to do it the hard way.

<?php

...your code
...your code
$contents = ereg_replace("bad", "good", $contents);

just substitute bad for your ascii-chars and other bad chars, and good with something you can use like (r), (c) etc...

Hope this helps,

Elfyn

frigidman

Hmmm...

Ok, heres a an additional question then:

Anyone know a site that lists out all the characters that NEED to be escaped with respect to javascript assignments? I could possibly use the PHP function to convert all odd chars to their &#; equivalent... but that still leaves the question of what should still be escaped.

I was doing some searches with yablow.com and google... and could only find pages explaining Form validation (BAH! already know that stuff)... but couldn't find a list of 'invalid chars'.

Anyone got a bookmark laying around? Anyone?