Home/ Questions/Q 6532245
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T09:58:37+00:00

I’m having trouble escaping the PHP variable inside the getItems function: while($row = mysql_fetch_array(

  • 0

I’m having trouble escaping the PHP variable inside the getItems function:

while($row = mysql_fetch_array( $data )) 
    {
    echo "<div class='favorite'>";
    echo "<div style='display: inline;'>".$row['Item']."</div>";
        if ($row['UID'] = $uid) {
        echo "<div id='unlock'>Info</div>";
        } else {
        echo "<div id='unlock' onclick='getItems('".$row['Item']."')'>Unlock</div>";
        }
    echo "</div>";
    }

When rendered (is render the word?) anyway, when I see it on my site it says:

onclick="getItems(" whatever')'

What am I doing wrong?

You can see the code here:
http://www.chusmix.com/game/insert/get-items.php?user=19

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your problem is that your attribute values are surrounded by single quotes, but you’re also using single quotes in your javascript.

    You’ll have to use double quotes in your javascript. However, since the whole string (in PHP) is surrounded by double quotes, you’ll have to escape them. Hence:

    echo "<div id='unlock' onclick='getItems(\"".$row['Item']."\")' style='display: inline; float: right;'>Unlock</div>";

    Or like this:

    echo "<div id='unlock' onclick='getItems(\"{$row['Item']}\")' style='display: inline; float: right;'>Unlock</div>";

    To clarify what the curly braces do (from the PHP docs):

    Complex (curly) syntax

    This isn’t called complex because the syntax is complex, but because
    it allows for the use of complex expressions.

    Any scalar variable, array element or object property with a string
    representation can be included via this syntax. Simply write the
    expression the same way as it would appear outside the string, and
    then wrap it in { and }.

    To further explain, let’s say we have the following scenario:

    $name = 'Apple';
$sentence = "$names are my favorite fruit";

    What I’m trying to get is: Apples are my favorite fruit. However, this won’t work. PHP will instead be looking for a variable called $names, and when it doesn’t find it, it’ll complain.

    So, to remedy this, we can surround our variable in curly braces:

    $name = 'Apple';
$sentence = "{$name}s are my favorite fruit";

    Great! Now PHP will know where the variable name ends and the string starts.

    On a side note: You might consider switching to double-quoting your attributes, since the way you do it now is not valid xHTML (unless you don’t care).

    • 0