Cofa Posted January 10, 2012 Share Posted January 10, 2012 Hello all, I have problem about quoting texts using variable in the input tag of a form mail... Please allow me to quote my script first: <!-- File "00_test_htmldecode2.php" --> <center style="width:60%; margin:60px; padding:12px; border:solid 1px #bfbfbf;"> <?php //DEFINE VARIABLES HERE $packname = 'Beijing 10 days tour'; $packcontents = '<b>(1)</b> Direct flight to Beijing by "Boeing 747". <b>(2)</b> 3 nights at Beijing Hotel <a href="http://www.beijinghotel.cmm/" target="_blank">http://www.beijinghotel.cmm</a>.'; $packprice = 2000; $packdate = 'June 15, 2012'; ?> <table cellpadding="0" cellspacing="0" border="0" style="margin:12px;"> <form name="form" method="POST" action="/00_test_htmldecode.php"> <input type="hidden" name="pageid" value="page11"> <input type="hidden" name="packname" value="<?php echo $packname; ?>"> <input type="hidden" name="packcontents" value="<?php echo $packcontents; ?>"> <input type="hidden" name="packprice" value="<?php echo $packprice; ?>"> <input type="hidden" name="packdate" value="<?php echo $packdate; ?>"> <tr> <td align="center" valign="middle" style="padding:8px;"> <input type="submit" name="submit" value=" Click to Launch the Order Entry Form "> </td> </tr> </form> </table> </center> END QUOTE From the above code I was supposed to see only a "submit button" in an enclosed square. However, the following texts were also, but unexpectedly, displayed before the button (copied from the screen): (2) 3 nights at Beijing Hotel http://www.beijinghotel.cmm."> After some review I believe the problem is from the input tag of: <input type="hidden" name="packcontents" value="<?php echo $packcontents; ?>"> Also as a matter of fact, when the above form was submitted to a new page, only texts "(1) Direct flight to Beijing by" were displayed. My guess is that when the variable "$packcontents" was printed to the value of the input tag, the quotes in the contents of the variable have caused problems in the html rendering. Could anyone please show me how to echo a variable in the input tag that could avoid the above problems? Thanks, Cofa 1/9/2012 Link to comment Share on other sites More sharing options...
Larry Posted January 11, 2012 Share Posted January 11, 2012 Yep, you've successfully identified the problem. The solution is to wrap the variable in htmlentities() before printing it: <?php echo htmlentities($packcontents); ?> Link to comment Share on other sites More sharing options...
Cofa Posted January 12, 2012 Author Share Posted January 12, 2012 Thank you Larry, I used echo htmlentities($packcontents) and the problems in my initial post have gone. And I click on the button "Click to Launch the Order Entry Form" to generate the new page... I now write my code for the new page below: <?php //BLOCK 1 - ORDER ENTRY FORM if ($_POST['pageid']=='page11') { //Display Order Form $packname = $_POST['packname']; $packcontents = $_POST['packcontents']; $packprice = $_POST['packprice']; $packdate = $_POST['packdate']; ?> <h1 style="text-align:center; font-size:18px;">Tour Order Form - <?php echo $packname; ?></h1> <center style="width:90%; margin:18px auto; padding:8px; border:solid 1px #bfbfbf;"> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr> <td align="right" valign="top" style="padding:6px;"><nobr><b>Tour Name:</b></nobr></td> <td align="left" valign="top" style="padding:6px 12px;"><?php echo $packname; ?>.</td> </tr> <tr> <td align="right" valign="top" style="padding:6px;"><nobr><b>Package Summary:</b></nobr></td> <td align="left" valign="top" style="padding:6px 12px;"><?php echo $packcontents; ?></td> </tr> <!--SNIPPED--> </table> </center> <?php //END BLOCK 1 - ORDER ENTRY FORM } else { //CODE FOR ANOTHER NEW PAGE SNIPPED END OF QUOTE In the new page, the following texts are displayed - from <?php echo $packcontents; ?>: (1) Direct flight to Beijing by \"Boeing 747\". (2) 3 nights at Beijing Hotel http://www.beijinghotel.cmm. Also in the source code of the link, it shows: <a href=\"http://www.beijinghotel.cmm/\" target=\"_blank\">http://www.beijinghotel.cmm</a> As you can see, the webpage and the source code both print \" instead of just " - the latter would even make the link (URL) go to a "not found" page. Could you please show me how to get around this problem? Thanks, Cofa 1/11/2012 Link to comment Share on other sites More sharing options...
Larry Posted January 13, 2012 Share Posted January 13, 2012 Disable Magic Quotes or apply stripslashes(). Link to comment Share on other sites More sharing options...
Cofa Posted January 14, 2012 Author Share Posted January 14, 2012 Hi Larry, Thank you very much! A good lesson about using htmlentities() and stripslashes(). (I believe my system host has the "Magic Quotes" turned on so the above are my only solutions.) Have a great weekend! Cofa 1/13/2012 Link to comment Share on other sites More sharing options...
Recommended Posts