Paraphrasing...
OK i have information in a database it reads: This is random text with a "random quote"
$var = 'This is random text with a "random quote"'
onClick="show(\''.$var.'\')
but when displayed (viewing source) it shows:
onclick="show('This is random text with a " random="" quote"')
I have tried mysqli_real_escape_string and str_replace, str_replace works if i am removing the "
Any help, alterations or reworks I would be grateful its driving me nuts right now.
分享 If this for an HTML context, you should be using " to escape those. This is done with the htmlspecialchars function.
If you want it as a JavaScript string, use json_encode on the string.
mysqli_real_escape_string should be used only for database calls, and only as a last resort. Remember, parameterized queries are the best way to compose SQL statements.
You really shouldn't need to ever set an onclick event directly. A library like jQuery has much better ways of doing this:
$('#my_element').click(function() { show('...'); });
