Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
echo '<a onClick="articleDeleteConfirm("'.
$row["title_$lang"].'","'.$_GET["editPage"]).'">';
The main problem is with: $row["title_$lang"], I have to use $lang variable inside. " and ' just not enough.
The problem you describe actually has nothing to do with your PHP variables, those are all being output as expected. The problem is that you need to escape the
"inside of the<a>and you’ve misplaced a).Your original would output:
That is not valid HTML (even the highlighter dislikes it). Now, notice the
\‘s in the following (and that the paren was moved into the string).The escaped version outputs:
It uses single quotes inside of double quotes to provide easy to read (and valid) html. Now, you have another issue with your code.
Any time you output a
$_REQUESTvariable to the browser, you risk something called cross-site-scripting. Someone could put JavaScript into$_GET["editPage"]and it would smell bad. The easy way to avoid it? Usehtmlentities($_GET["editPage"])