Re: htmlentities()

From: Toby A Inkster <usenet200801@xxxxxxxxxxxxxxxxx>
Date: Thu, 28 Feb 2008 15:28:05 +0000

Rik Wasmus wrote:

(for instance, setting an onclick attribute on a tag in double quotes:
you want the double quotes as entities, converting the single quotes
will usually end up destroying the javascript in there.

No it won't.

<p onclick="window.alert('Hello');">Say hello</p>
<p onclick="window.alert('Hello');">Say hello</p>

should both act exactly the same.

The Javascript interpreter never sees the "'" -- it is converted to a
single quote mark by the HTML parser before passing it on to the scripting
engine.

--
Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 29 days, 21:42.]

Bottled Water
http://tobyinkster.co.uk/blog/2008/02/18/bottled-water/
.

References:
- htmlentities()
  - From: Jerry
- Re: htmlentities()
  - From: Rik Wasmus

Prev by Date: Re: Server in a different time zone
Next by Date: Re: Image Pan and Zoom script
Previous by thread: Re: htmlentities()
Next by thread: Paypal Payment Pro with certificate use
Index(es):
- Date
- Thread

Relevant Pages

Re: Javascript escape & JScript GlobalObject.escape
... escape is a url escape and single quotes are legal in urls, ... if your are outputing a javascript literal, ... javascript quoting. ...
(microsoft.public.dotnet.framework.aspnet)
Re: popup page in aspx
... Well, for one thing, it doesn't look like valid javascript. ... you need quotes or single quotes around test.htm. ... Are you sure you aren't getting a javascript error, ... > private sub ButtonAdd_Click(ByVal sender As System.Object, ...
(microsoft.public.dotnet.framework.aspnet)
Re: block writing
... note the use of SINGLE quotes ... Jim, it would work except if there is javascript in any of the xhtml, ... those areas so a single change to the javascript will be a global ...
(comp.lang.javascript)
Re: htmlentities()
... most people use double quotes for their tag attributes rather then single quotes. ... In most circumstances, you don't want both (for instance, setting an onclick attribute on a tag in double quotes: you want the double quotes as entities, converting the single quotes will usually end up destroying the javascript in there. ... Rik Wasmus ...
(comp.lang.php)
Re: Using Wildcards
... SQL server is converting my query to single quotes, ... In plain Access it is simple, please see my query example below. ...
(microsoft.public.access.adp.sqlserver)