strings inside strings inside strings....

MtBiker

I have a block of HTML with PHP in it that dynamically writes javascript. It all works beautifully. Now HTML sees the PHP as a string and PHP sees the JS as a string. The JS has PHP in it too

Now let's say I want to take the block of code and stick it in a database. I need another string delimeter to do this. Here is a simplification:

$var = '
<select name="email" class="form" onChange="<? echo \'level3(this, \"$level1\", \"$level1_dir\");\'; ?>>
';

The problem is that the \' immediately resolves down to ' and screws up my careful balance of " ' \' and \" delimeter nesting when I do a

$sql = "INSERT INTO $table_name (var) VALUES ('$var')";
$result = @($sql,$connection) or die("Couldn't insert into DB<br><br><br><br>$sql");

So do I have to resort to string concatenation in the sql query or can I create another string delimeter somehow?!!

Anyone who figures this out is god.

ednark

im not sure what you are doing will work...you can't have javascript execute php...

you can have javascript ask the server to execute php by submitting anther request... Perhaps by doing a document.location, or by loading into an image from the server, or by refreshing the page, or in some way having the server run your php for you and send it back to the browser... once javascript gets a change to execute... any php it writes won't be executed.... it will just look like text in the page

but probably the most insecure thing i can think of is to have javascript write some php code... and then submit it to the server for php to run without question... if you do this than you don't need to be using php in the first place.. and someone at php should come to your house and confiscate your computer for the good of the industry...

however, to answer your question

you get a literal \ by doing \
you get a liteal \ by doing \\

so you can just keep \\\ing all day and each successive read of it will in effect get rid of half the \ characters...

maybe that can get you where you want to be with your code...

or did i totally misunderstand what you wanted

MtBiker

Ok well yeah I got it now. I did a

\\'

and ended up with a

in the database. Now that's exactly what I wanted. Thanks

And to dispell your confusion, the js isn't really writing php. When the block of code is read from the DB, php will echo a javascript function name level3() and fill in it's own vars at that time $level1 & $level1_dir

Can I keep my computer now?

ednark

if your computer is faster than mine, then im sorry i will be over to 'confiscate' it in the morning...

glad everything worked out ok

but this confused me:

<? echo \'level3(this,

i thought you were trying to use the javascript variable 'this' in your call to a php function level3...

does echo work without an opening quotation mark?

MtBiker

<? echo \'level3(this,

became

<? echo \\'level3(this,

after your help, which looks like

<? echo 'level3(this,

after the DB insert because remember the whole block is enclosed in single quotes

Make sense?

ednark

now it does yes