Jump to content

quotes in POST but not in variable


justinh
 Share

Recommended Posts

I have a bit of a mystery with quotes in variables.  I'm writing an application that takes a text string from a page from via POST, and I was concerned about dealing with single or double quotes.

I know that if you use single to wrap the content, then there is no issue processing double:

$myvar =  'I say "hello" world'; // I say "hello" world

And if you use double to wrap the content, then there is no issue processing single:

$myvar = "I say don't do that"; // I say don't do that

If you use the same quote inside and outside w/o escaping the non-wrapping quotes, PHP will throw an error.  Example:

$myvar = "I say "hello" world"; // => Parse error

So, I expected my POST values to give me errors if I didn't escape or convert to HTML codes, but I thought how can I do either to prevent an error w/o first incurring the error while extracting the POST data?  I just tried using both quotes in my strings and everything works fine.

$desc1 = ($_POST["desc1"]); echo $desc1; // this is double "test" and single 'test' string

Even if I quote the variable in the echo it works.

Why do I not get an error when going thru the POST?

Justin

Edited by justinh
Link to comment
Share on other sites

You have to distinguish between a representation of the string in your code and the actual value of the string. The variable is being sent in from outside, so there's no literal string that needs to be parsed by the PHP engine.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...