PHP javascript string filter
Goal: I want to have a javascript onclick function that will transfer data from an old data field to a new data field in a form when I click on «:
<script type="text/javascript">
<!--
function setInputText(TargetId, Text)
{
var oTarget = document.getElementById(TargetId);
oTarget.value = Text;
}
//-->
</script>
<table>
<tr>
<td><div align="right">
<textarea name="comment" id="comment" cols="45" rows="5" value = "<?php echo $cbrow->cb_comment ?>"></textarea>
</div></td>
<td><div align="center"><a href="#" onClick="setInputText('comment', '<?php echo $oldrow->Comment?>');return false;"><<</a></div></td>
<td><?php echo $oldrow->Comment?></td>
</tr>
</table>
Problem: Some of the comments have NewLine (LF) characters in them. PHP just ignores NewLine characters; javascript treats them as line-enders and complains that the string lacks a closing single quote (“unterminated string literal”), so the transfer doesn't take place.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<form id="form1" name="form1" method="post" action="">
<table width="100%" border="0">
<tr>
<td><input type="text" name="testdata" id="testdata" />
test</td>
<td>
<script type="text/javascript">
<!--
function setInputText(TargetId, Text)
{
var oTarget = document.getElementById(TargetId);
oTarget.value = Text;
}
//-->
</SCRIPT>
<a href="#" onclick="setInputText('testdata', '3/15/00 $35 3/1/00-12/31/2000 NO 2/00 KF 3/00 LABEL SENT LATE
12/28/00 $35 1/1/01-12/31/01 11/19/04 $30 1/1/05-12/31/05 12/6/04 REC. UPDATE; 1/31/05 address updated');return false;">Joe</a>
</td>
<td><input name="hiddenField" type="hidden" id="hiddenField" value="hidden field text" /></td>
</tr>
</table>
</form>
</body>
</html>
Solution: I don't know exactly what characters MySQL allows in data fields. I couldn't find a script that would parse input from the data field and insert the javascript escapes, so I decided to bite the bullet and write my own.
I got the list of javascript escape characters from this page.
I'm quite confident that others have already done this. 
Oh, well–now I think I've got what I need, plus a little more awareness of what it takes to make PHP and javascript work together.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PHP javascript string filter</title>
</head>
<body>
<?php
function strJavaSafe(&$s)
{
$s = str_replace(chr(0x5C),'\\\\',$s); // \\ Backslash (\)--must be first!
$s = str_replace(chr(0x08),'\\b',$s); // \b Backspace
$s = str_replace(chr(0x09),'\\t',$s); // \t Tab
$s = str_replace(chr(0x0A),'\\n',$s); // \n New line (LF)
$s = str_replace(chr(0x0C),'\\f',$s); // \f Form feed
$s = str_replace(chr(0x0D),'\\r',$s); // \r Carriage return (CR)
$s = str_replace(chr(0x22),'\\"',$s); // \" Double quote (")
$s = str_replace(chr(0x27),chr(0x5C).chr(0x27),$s); // \' Single quote or apostrophe (')
return $s;
}
// test the function to make sure that it comes out right
echo '<pre>'; // fixed font format
$s = chr(0x5C).': Backslash <br>';
echo (strJavaSafe($s));
$s = chr(0x08).': Backspace <br>';
echo (strJavaSafe($s));
$s = chr(0x09).': Tab <br>';
echo (strJavaSafe($s));
$s = chr(0x0A).': New line (LF) <br>';
echo (strJavaSafe($s));
$s = chr(0x0C).': Form Feed <br>';
echo (strJavaSafe($s));
$s = chr(0x0D).': Carriage Return <br>';
echo (strJavaSafe($s));
$s = chr(0x22).': Double Quote <br>';
echo (strJavaSafe($s));
$s = chr(0x27).': Single Quote ';
echo (strJavaSafe($s));
echo '</pre>';
?>
</body>
</html>
