Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

how do I escape quote a string inside of an escape-quoted string?

Posted on 2007-10-04
2
Medium Priority
?
2,569 Views
Last Modified: 2012-05-05
I'm writing a php webpage that builds a list of lunch orders for a student. these lunch orders are placed into a "shopping cart" until the order is submitted.

basically, to display the cart, the database is queried and the result is placed into an array called $line. if $line["Side1"] is not null, a table row is added to $cartHTML (a php string representing the html for the shopping cart). The contents of this table row can be described in pseudo-code as follows:

TR
TD: link to delete the item that calls a js function
TD: description of the item
TD: item cost
/TR

here's a look at the php code that generates the table row. I took out some of the irrelevant code to make it easier to read:

if ($line["Side1"] != "") {       $cartHTML.=  "         <tr><td width=70%><a href=\"#\" class=\"trashcanLink\" onclick=\"deleteCheckoutItem('$studentid', '$menu', '`Side1ID`  =\'".$line["Side1ID"]."\' AND `ItemNo`=".$line["ItemNo"]."');\" ></a>".$line["Side1"] . "</td><td align=\"right\" valign=\"top\" width=30%>$".$line["Side1Amount"])."</td></tr>\n"; }



here is my problem:

I'm having trouble with my escaped quotes for the deleteCheckoutItem function. it is a js function. the 3 parameters are all strings so they need to be escaped. the 3rd parameter is a string that gets injected into an sql statement via AJAX, but the SQL string also has a string value that needs to be escaped inside the js parameter that is already escaped.

SIMPLY PUT: how do I escape quote a string inside of an escape-quoted string?

-cnesb860
0
Comment
Question by:cnesb860
2 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 1000 total points
ID: 20017808
you have to think like this:

inside the quotes, you have to escape the quote plus it's escape character (\):

 " 'quote start  \\\'quoted string\\\'  quote end '  "
0
 
LVL 1

Author Closing Comment

by:cnesb860
ID: 31408032
the final solution turned out to be pretty involved, but it essentially boiled down to your answer, angellll.

Thanks
-cnesb860
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Finding original email is quite difficult due to their duplicates. From this article, you will come to know why multiple duplicates of same emails appear and how to delete duplicate emails from Outlook securely and instantly while vital emails remai…
This article discusses how to implement server side field validation and display customized error messages to the client.
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question