I am getting a string from a database which contains ' and " I am outputing the string to html like this. $htmldata =<<<htmldata <b onmouseover="my_func('$data')">$data</b> htmldata; echo $htmldata; PHP: Since $data has ' and " I am getting this error in my html validator: "Unterminated String Constant" How do I fix this? I've tried escaping $data many different ways, but none of them are working.
below should do the trick str_replace('"','\"', str_replace ("'","\\'",$data)) PHP: needs slashes in front of both ' and " in data variable. Failing that - mysql_escape_string($data);
The only problem with mysql_escape_string that I can see is that for you to use it it requires you to have an open database connection, which is fine if you do, but will lead to new and exciting errors if you don't.
i really don't see why you don't just assign it an id and use addEventListener('mouseover' elsewhere to bind to it