Escape double quotes for HTML attributes output by PHP

Question

Escape double quotes for HTML attributes output by PHP

Often when writing PHP, I will output some HTML like this -

echo "<a href="../" title="link title">".$link_text."</a>";

Obviously this will not be parsed as I need to avoid double quotes in the attributes of the element <a>. Is there a regex that would quickly do this instead of manually adding a backslash?

One more thing: the regex should not escape double quotes outside the tag (for example, where I added the variable $link_text.

Any ideas?

+3

html php regex bbedit

Phil Jul 08 '09 at 9:55

source share

6 answers

, ( ):

echo '<a href="../">' . $link_text. '</a>';

```
echo "<a href='../'>$link_text</a>";
```

Sprintf

echo sprintf('<a href="../">%s</a>', $link_text);

HEREDOC

echo <<<EOF
<a href="../">$link_text</a>
EOF;

, smarty

PHP-:

?><a href="../"><?php echo $link_text ?></a><?php // other code...

, htmlspecialchars() on $link_text, XSS.

+8

Maciej Łebkowski 08 . '09 10:09

( ..)

echo <<<EOT
<a href="../" title="link title">$link_text</a>
EOT;

+5

Ish 08 . '09 10:00

, .

PHP:

<a href="../" title="link title"><?php echo $link_text; ?></a>

+3

Quentin 08 . '09 10:04

heredoc. .

0

F0G 26 . '12 7:02

,

http://www.example.com/.../Learning-Tutorials/ACTIVE-USER-ACCOUNT/verify.php?email='.$email.'&hash='.$hash.'

"<a href="//www.example.com/.../Learning-Tutorials/ACTIVE-USER-ACCOUNT/verify.php?email="$email&hash=$hash>Click Here to Active</a>"

try it.

0

user1600211 Dec 6 '14 at 9:01

source share

Greg · Accepted Answer · 2009-07-08T10:00:24+0000

Instead, use only quotation marks:

echo '<a href="../" title="link title">' . $link_text . '</a>';

Escape double quotes for HTML attributes output by PHP

More articles: