Adding quotes

[mmendo]

Hello all,

 

I am a super newbie to PHP, so please forgive me my uneducated question.

 

I have a PHP script that grabs a field from a database.  The field contents are in HTML code.  The code does not use quotes.  For example,

 <p align=center> 

.  I need to change the code to include quotes, ie

<p align="center">

 

Is this something I can do in PHP? 

 

Thanks!

[marcus]

Next time use quotes when you enter it in the database?

[mmendo]

It was entered in the database with a WYSIWYG editor, which did not use quotes. 

[haku]

<p align=\"center\">[/code

[hitman6003]

There isn't an easy way of doing it...this isn't tested, and may not work in all situations...but:

 

<?php

$test1 = "<p align=center>";
$test2 = "<div align=center color=blue width=100%>";

function quote_html_attributes( $tag ) {
preg_match('/<.+?\s+(.*?)>/', $tag, $matches);

$part_we_want = $matches[1];

if ($part_we_want != "") {
	$matches = explode(" ", $part_we_want);

	foreach ($matches as $match) {
		$parts = explode("=", trim($match));
		$new = $parts[0] . '="' . $parts[1] . '"';

		$tag = str_replace($match, $new, $tag);
	}
}

return $tag;
}

echo htmlentities(quote_html_attributes( $test1 ));
echo "<br /><br />";
echo htmlentities(quote_html_attributes( $test2 ));

?>

[marcus]

That's going to convert everything and won't be emitted into the source as < or "

[hitman6003]

That's going to convert everything and won't be emitted into the source as < or "

 

Please clarify.

[marcus]

I'm sure he wants the code to be properly working with a doctype, your example literally shows the source, instead of parsing it for HTML write out.

 

<p align="center">

<div align="center" color="blue" width="100%">

 

the functions main "function" does work though.

 

Only because you're using htmlentities on that. Removing it works fine.

[hitman6003]

That was for example purposes...just don't put the result returned by the function inside of htmlentities

[hitman6003]

Slightly better version:

 

<?php
ini_set("display_errors", 1);
error_reporting(E_ALL);

$test1 = "<p align=center>blah paragraph blah</p>";
$test2 = "<div align=center color=blue width=100%>blah div blah</div>";
$hard_test = '
<table width=50%>
	<tr style=background-color:blue;>
		<td>table cell test</td>
	</tr>
</table>';

function quote_html_attributes( $tag ) {
preg_match_all('/<[^>]+?\s+(.*?)>/', $tag, $matches);

foreach ($matches[1] as $part_we_want) {
	if ($part_we_want != "") {
		$attrs = explode(" ", $part_we_want);

		foreach ($attrs as $match) {
			$parts = explode("=", trim($match));
			$new = $parts[0] . '="' . $parts[1] . '"';

			$tag = str_replace($match, $new, $tag);
		}
	}
}

return $tag;
}

echo '
<pre>
<!-- so we can see our tests -->
<style>

p {
	border: 1px solid black;
}

div {
	border: 1px solid red;
}
</style>';

// for example purposes, this displays in the browser what should be sent...the htmlentities prevents it from being rendered
// as html, but displays the syntax...
echo htmlentities(quote_html_attributes( $test1 )) . "\n\n";
echo htmlentities(quote_html_attributes( $test2 )) . "\n\n";
echo htmlentities(quote_html_attributes( $hard_test )) . "\n\n";

// and here is the result, as it should be sent to the browser:
echo '
This is a test:' . quote_html_attributes( $test1 ) . '
This is also a test: ' . quote_html_attributes( $test2 ) . '
This is a table test: ' . quote_html_attributes( $hard_test );