SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Hybrid View

  1. #1
    SitePoint Evangelist winterheat's Avatar
    Join Date
    Aug 2007
    Posts
    508
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    no way to escape single quote or double quote inside of onclick=' something ' ?

    For the following code, it seems like we cannot escape the single quote? (for Bill Gates's dog). No matter how it is done, the single quote will be taken as the closing single quote for the onclick=' ?

    <a href="#" onclick='changeIt("Bill Gates\'s dog said &amp;quot;Whoof Whoof!&amp;quot; and \n \r\n \t ran away."); return false;'>Click me</a>

    is there really a way around it except to use &amp;#039; to replace that single quote? thanks.

  2. #2
    SitePoint Author silver trophybronze trophy

    Join Date
    Nov 2004
    Location
    Ankh-Morpork
    Posts
    12,158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It's an HTML attribute, so you'll need to escape characters HTML-style. That means a character entity or a numeric character reference. For the apostrophe, HTML doesn't have a named entity (XHTML does – &apos; – but that's only allowed in real XHTML which virtually no-one uses). So in this case you need the NCR: &#38;#39;.
    Code HTML4Strict:
    <a href="#" onclick='changeIt("Bill Gates&#39;s dog said &amp;quot;Whoof Whoof!&amp;quot; and \n \r\n \t ran away."); return false;'>Click me</a>
    (Or, better yet, put the script in an external file instead of mixing it with the content. )
    Birnam wood is come to Dunsinane


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •