PHP javascript string filter

Goal: I want to have a javascript onclick function that will transfer data from an old data field to a new data field in a form when I click on «:

<script type="text/javascript"> 
    <!--
	function setInputText(TargetId, Text)
	{
  	var oTarget = document.getElementById(TargetId);
  	oTarget.value = Text;
	}
    //-->
</script>    
<table>
      <tr>
        <td><div align="right">
          <textarea name="comment" id="comment" cols="45" rows="5" value = "<?php echo $cbrow->cb_comment ?>"></textarea>
        </div></td>
        <td><div align="center"><a href="#" onClick="setInputText('comment', '<?php echo $oldrow->Comment?>');return false;">&lt;&lt;</a></div></td>
        <td><?php echo $oldrow->Comment?></td>
      </tr>
</table>

Problem: Some of the comments have NewLine (LF) characters in them. PHP just ignores NewLine characters; javascript treats them as line-enders and complains that the string lacks a closing single quote (“unterminated string literal”), so the transfer doesn't take place.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<form id="form1" name="form1" method="post" action="">
<table width="100%" border="0">
  <tr>
    <td><input type="text" name="testdata" id="testdata" />
      test</td>
    <td>
<script type="text/javascript"> 
    <!--
	function setInputText(TargetId, Text)
	{
  	var oTarget = document.getElementById(TargetId);
  	oTarget.value = Text;
	}
//-->
</SCRIPT>    
<a href="#" onclick="setInputText('testdata', '3/15/00 $35  3/1/00-12/31/2000  NO 2/00 KF   3/00 LABEL SENT LATE
12/28/00 $35 1/1/01-12/31/01 11/19/04 $30 1/1/05-12/31/05 12/6/04 REC. UPDATE; 1/31/05 address updated');return false;">Joe</a>
 
    </td>
    <td><input name="hiddenField" type="hidden" id="hiddenField" value="hidden field text" /></td>
  </tr>
</table>
</form>
</body>
</html>

Solution: I don't know exactly what characters MySQL allows in data fields. I couldn't find a script that would parse input from the data field and insert the javascript escapes, so I decided to bite the bullet and write my own.

I got the list of javascript escape characters from this page.

I'm quite confident that others have already done this. :-(

Oh, well–now I think I've got what I need, plus a little more awareness of what it takes to make PHP and javascript work together.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PHP javascript string filter</title>
</head>
<body>
<?php 
function strJavaSafe(&$s)
{
$s = str_replace(chr(0x5C),'\\\\',$s); // \\  Backslash (\)--must be first!
$s = str_replace(chr(0x08),'\\b',$s); // \b  Backspace
$s = str_replace(chr(0x09),'\\t',$s); // \t  Tab
$s = str_replace(chr(0x0A),'\\n',$s); // \n  New line (LF)
$s = str_replace(chr(0x0C),'\\f',$s); // \f  Form feed
$s = str_replace(chr(0x0D),'\\r',$s); // \r  Carriage return (CR)
$s = str_replace(chr(0x22),'\\"',$s); // \"  Double quote (")
$s = str_replace(chr(0x27),chr(0x5C).chr(0x27),$s); // \'  Single quote or apostrophe (')
return $s;
}
// test the function to make sure that it comes out right
echo '<pre>'; // fixed font format
$s = chr(0x5C).': Backslash <br>';
echo (strJavaSafe($s));
$s = chr(0x08).': Backspace <br>';
echo (strJavaSafe($s));
$s = chr(0x09).': Tab <br>';
echo (strJavaSafe($s));
$s = chr(0x0A).': New line (LF) <br>';
echo (strJavaSafe($s));
$s = chr(0x0C).': Form Feed <br>';
echo (strJavaSafe($s));
$s = chr(0x0D).': Carriage Return <br>';
echo (strJavaSafe($s));
$s = chr(0x22).': Double Quote <br>';
echo (strJavaSafe($s));
$s = chr(0x27).': Single Quote ';
echo (strJavaSafe($s));
echo '</pre>';
?>
</body>
</html>
 
blog/php-javascript-filter.txt · Last modified: 2017/07/13 20:33 (external edit)
 
Recent changes RSS feed Creative Commons License Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki