Adamhumbug Posted August 21, 2023 Share Posted August 21, 2023 (edited) I have a php function that creates a chunk of html including a onclick call. The onclick function curerntly just console.logs what has been passed in. I am getting a "uncaught SyntaxError: missing ) after argument list" error and i cant for the life of me figure out why. $out .="<tr class='align-middle custom-lc' onclick='triggerClientContextMenu($cId, $coName)'> <td> <div class='companyName'>$coName</div> ...... </td> </tr>"; When i inspect what is being put on the page i see <tr class="align-middle custom-lc" onclick="triggerClientContextMenu(1, Company Name)"> <td> <div class="companyName">Company Name</div> all looks good to me asside from the error in the console. Annoyingly, the error in the console doesnt take me to a useful line of code just to the <!DOCTYPE html>. when i remove this onclick from the PHP, i dont get any errors and everything runs fine. Any pointers? Edited August 21, 2023 by Adamhumbug Quote Link to comment Share on other sites More sharing options...
requinix Posted August 21, 2023 Share Posted August 21, 2023 Does this triggerClientContextMenu(1, Company Name) look like valid Javascript code? Quote Link to comment Share on other sites More sharing options...
Adamhumbug Posted August 21, 2023 Author Share Posted August 21, 2023 1 minute ago, requinix said: Does this triggerClientContextMenu(1, Company Name) look like valid Javascript code? String needs to be in quotes? Quote Link to comment Share on other sites More sharing options...
Solution requinix Posted August 21, 2023 Solution Share Posted August 21, 2023 (edited) 54 minutes ago, Adamhumbug said: String needs to be in quotes? String needs to be in quotes. You've got one set on the outside for PHP, another set on the inside for the HTML attribute, and now you need a third set for the Javascript string. You have three options: // raw double quotes, but escaped because of the PHP quotes $out .="<tr class='align-middle custom-lc' onclick='triggerClientContextMenu($cId, \"$coName\")'>" // double quotes as HTML entities, which won't conflict with PHP's quotes $out .="<tr class='align-middle custom-lc' onclick='triggerClientContextMenu($cId, "$coName")'>" // single quotes as HTML entities, which won't conflict with the HTML's quotes $out .="<tr class='align-middle custom-lc' onclick='triggerClientContextMenu($cId, '$coName')'>" These three options may leave you open to problems if $coName contains apostrophes and you haven't protected yourself against that. A fourth option is to run $coName through json_encode and then htmlspecialchars with the ENT_QUOTES flag (and them in that order), after which you can put it directly into the "code" without manually adding quotes. But the fifth option is better: take a whole different approach to this by not using 1990s' web techniques like inline Javascript handlers... Edited August 21, 2023 by requinix Quote Link to comment Share on other sites More sharing options...
Adamhumbug Posted August 23, 2023 Author Share Posted August 23, 2023 On 8/21/2023 at 11:13 PM, requinix said: But the fifth option is better: take a whole different approach to this by not using 1990s' web techniques like inline Javascript handlers... I enjoyed this - ill try this one. Thanks for the detailed explanation though. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.