FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Writing double-prime to file?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Writing double-prime to file? [message #184789 is a reply to message #184787] Sat, 01 February 2014 18:00 Go to previous messageGo to previous message
adrian is currently offline  adrian
Messages: 27
Registered: December 2012
Karma:
Junior Member
Christoph Michael Becker <cmbecker69(at)arcor(dot)de> wrote:

> Adrian Tuddenham wrote:
>
>> ~~~~~~~~ Sending code within an HTML page ~~~~~~~
>>
>> <!--NOEDIT--><?php
>>
>> Print "<P><FONT SIZE=\"+1\" COLOR=\"#CCFFFF\"><B>Sent = \"$Sent\"
>> </B></FONT><FONT SIZE=\"+1\" COLOR=\"#CCFFFF\"><B>Paid =
>> \"</B></FONT><FONT SIZE=\"+2\"
>> COLOR=\"#FF0000\"><B>$Paid</B></FONT><FONT SIZE=\"+1\"
>> COLOR=\"#CCFFFF\"><B>\" Reminder = \"$Reminder\"</B></FONT>";
>>
>> print"<P><FORM
>> ACTION=\"http://www.poppyrecords.co.uk/php/PayFileGen2.php\"
>> METHOD=POST><CENTER><INPUT TYPE=hidden NAME=txt VALUE=\"$txt\"><INPUT
> ^^^^^^^^^^^^^^
>> TYPE=submit NAME=Submit VALUE=\"O.K.\"></B></FONT></CENTER></FORM>";
>> print $txt;
>> ?><!--/NOEDIT-->
>> ~~~~~ end of sending code ~~~~~~~
>
> Consider the code that will be generated for the part "highlighted"
> above, when there are double-quotes contained in $txt.
>
> You should never ever output variables which may contain special
> characters to your HTML unescaped; use htmlspecialchars()[1].
>
> [1] <http://www.php.net/manual/en/function.htmlspecialchars.php>

I did not think I was outputting the variable to HTML, the handler for
that code is written in PHP (although it does generate some HTML, but
the problem occurs before that bit).

Would it make more sense to re-write the program above so that it is a
PHP program and generates the necessary HTML, rather than being an HTML
page with PHP code embedded in it?



--
~ Adrian Tuddenham ~
(Remove the ".invalid"s and add ".co.uk" to reply)
www.poppyrecords.co.uk
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Phonegap upload issue with PHP server
Next Topic: RE: Seeeking Windows PHP IDE for USB Stick
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 24 23:12:40 GMT 2024

Total time taken to generate the page: 0.04201 seconds