Possible escaping quotes problem

[niche]

This script displays the way I need it to when I manually insert it into my script with the correct value for $expdat: <span style="background-color:yellow">Expires ' . $expdat . '. </span>How should I escape the quotes to be able to echo it from a mysql table?If I just INSERT it (as is) into a mysql table and echo it from there, it displays as: Expires ' . $expdat . '.

[justsomeguy]

If you are saving the string of code in the database, then you can use eval to execute it as long as it is valid PHP code. Unlike an include file, eval assumes that this is PHP code, so if you have HTML output then the string should start with a closing PHP tag.http://www.php.net/manual/en/function.eval.phpIt may be a better idea to store printf-encoded strings and then substitute the values later.

[niche]

if $var = <span style="background-color:yellow">Expires ' . $expdat . '. </span>How close is this script to working?:$var = eval($var);echo '<p style="font-size:9px;margin:0px;">' . $var . '</p>';

[justsomeguy]

$var is not set to PHP code, it's set to HTML code, then a single quote, then a period, etc. If this is actually the exact text in your database:

<span style="background-color:yellow">Expires ' . $expdat . '. </span>

Then the first thing you need to do is make it a valid string. There are single quotes to end the string and print the variable, but there's not a single quote to start or end the string. So if that's really what you have then you need to add those quotes before and after the string, and also assign it to a variable or use a return statement.$var = eval("return '" . $var . "';");You can print that out to test, what you print should be a valid line of PHP code or eval won't work.echo "return '" . $var . "';";If you were using printf syntax then you could store this in your database and not mess around with eval:<span style="background-color:yellow">Expires %s</span>

[niche]

This:

$expdat = "06/09/12";$var = "<span style=\"background-color:yellow\">Expires \' . $expdat . \'. </span>";$var = eval("return '" . $var . "';");echo "return '" . $var . "';";

Produces this: return 'Expires ' . 06/09/12 . '. ';I need this: Expires 06/09/12.Then, I began to see the pattern and went to this (which gave me what I needed in this example):

$var = "<span style=\"background-color:yellow\">Expires   $expdat.</span>";$var = eval("return '" . $var . "';");echo  $var ;

However, how does eval() put $var together? If it's the return key word, why isn't it used in http://www.w3schools.com/php/func_misc_eval.asp?

[niche]

This is related to my last thread.This works when $var = "<span style=\"background-color:yellow\">Expires $expdat.</span>";

$expdat = "06/09/12";$var = "<span style=\"background-color:yellow\">Expires   $expdat.</span>";$var = eval("return '" . $var . "';");echo '<div style="float:left;width:288px;height:25px;margin:0px 0px 0px 5px;">';echo '<p style="font-size:9px;margin:0px;">' . $var . '</p>';echo '</div>';

But when $var comes from the same value in an element from a mysql table, the script fails.Expires 06/09/12. turns into Expires $expdat. The on only difference between these values is that one comes from a mysql table and the other definition for $var is as above. What's the difference do you see that I don't?

[niche]

I'm struggling to understand why a value that's manually defined in a script works and why it doesn't work when it comes from a mysql table using eval().This displays properly when it's manually entered:

$dclaim = "<span style=\"background-color:yellow\">Expires   $expdat.</span>";$var = eval("return '" . $dclaim . "';");echo '<p style="font-size:9px;margin:0px;">' . $var . '</p>';

This doesn't (and I don't see the difference):

//$dclaim same as above except from a mysql table including escaped quotes$var = eval("return '" . $dclaim . "';");echo '<p style="font-size:9px;margin:0px;">' . $var . '</p>';

What am I still missing?

[justsomeguy]

However, how does eval() put $var together?

I'm not sure what you're asking.

If it's the return key word, why isn't it used in http://www.w3schools.com/php/func_misc_eval.asp?

Because the W3schools examples are not complete. Look at the Return Values section of the manual page:http://www.php.net/manual/en/function.eval.php

The on only difference between these values is that one comes from a mysql table and the other definition for $var is as above.

Eval is not doing the work in your code. In these lines:

$expdat = "06/09/12";$var = "<span style=\"background-color:yellow\">Expires   $expdat.</span>";

Since you're using double-quotes around the string $var, the variable replacement happens right then. If you print out $var before sending it to eval you'll see that it already has the value filled in.

What am I still missing?

You're missing showing the data from the database so we can figure out why it's not working.Let me know when you're ready to move on from eval and use sprintf instead. The two major problems with this approach so far are that you are storing actual variable names in the database (what if the variable names change? do you want to update everything in the database that uses them?), and that this approach relies on eval. Using sprintf means that you don't need to rely on variable names, you don't need to escape quotes or whatever else in the string, and you don't need to mess around with eval. Sprintf is made for this type of thing, but your original question already had the variable name in the string so that's the direction I went.

[niche]

OK.I need to display (with yellow BG): Expires 06/09/12.This is the hole in my script:< div><p style="font-size:9px;margin:0px;">Something that says: "Expires 06/09/12" (with a yellow BG)</p>;</div>This displays what I need, but everything between the <span> needs to come from the mysql table:printf("<p style=\"font-size:9px;margin:0px;\"> <span style=\"background-color:yellow\">Expires %s. </span></p>",$expdat);Here's the mysql query:include_once "connect_to_mysql.php";$result = mysql_query("SELECT * FROM stk WHERE id = 288") or die(mysql_error());while ($row = mysql_fetch_array($result)) { $id = $row['id']; $pic = $row['pic']; $pic2 = explode("-",$pic); $expdate = $pic2[3]; $expdat = substr($expdate,2,2) . "/" . substr($expdate,4,2) . "/" . substr($expdate,0,2); $dclaim = $row['dclaim'];}value in $expdat = 06/09/12value in $dclaim = <span style=\"background-color:yellow\">Expires $expdat. </span> How do I change the printf() to sprinf() that displays: Expires 06/09/12 (with a yellow BG) using the values in $expdat and $dclaim (or something similar)?

[justsomeguy]

This won't work:value in $dclaim = <span style=\"background-color:yellow\">Expires $expdat. </span>This will:value in $dclaim = <span style="background-color:yellow">Expires %s. </span>After that:$output = sprintf($dclaim, $expdat);

[niche]

You've given me more ways to think about HTML. Thanks justsomeguy.