javascript single quote and double quote problem

[hammadtariq]

Hello guys,

          I have this rather classic problem when interacting with databases of handling single quotes and special characters. In PHP I am escaping the single quote with another single quote and regex syntax characters with preg_quote and they are working like a pro. The problem is with javascript, there are some points in my scripts where I am directly passing the database variables at the runtime into the javascript to build it up and that's where it is breaking up.

 

Following is an example:

var href = "region_view.php?min_row=1&max_row=25&reg_name=^*&new''region' blah£"&order_by=reg_name asc"; 

 

Note the reg_name variable, which is giving me an error in firebug console that invalid assignment left-hand side. First question is, is there any function like eval or something which can take care of these single double quotes by default?

Second question is, these type of things are done all along the application. Going back through each javascript line and taking care of single and double quotes will be a hard task to do. Is there something like global which can sort this problem.

 

 

Thanks,

[trq]

Firstly, in php (and in javascript actually) the escape char is a backslash \ using another single or double quote will not work (this isn't vbscript).

 

As for your example, it makes little sense. Maybe....

 

var href = "region_view.php?min_row=1&max_row=25&reg_name=^*&new''+"region' blah£"+"&order_by=reg_name asc";

 

is what you are looking for. That is perfectly valid Javascript.