String formatting questions?

[delphidestructor]

I’m new to php so keep that in mind when you read my question(s).

What, if any, is the difference between;

$myvar = “Joe Blow”;

$outputstr = “The user is $myvar”; ,

$outputstr = “The user is “.$myvar; ,

and

$outputstr = “The user is “;
$outputstr .= $myvar;
?

Another question I have that is related, is about the html text areas and text boxes. How do you handle all the single and double quotes that a user might enter? I have a field defined as text in my database, which I plan on storing input from text areas in. I can see how this would work ok if you add all the necessary backslashes before the insert call and remove them when the data is retrieved, although I have not tried this yet and I’m not sure how to do it. But my big question is I have a user feedback page that user may email me their comments from. When I get the email the body contains backslashes in front of any quotes. How do you get around this? I cannot think of a way to do this. How do you format the text so php does not throw any errors but the end result in the email does not have the special formatting characters? I hope all this made sense to someone. I really need some help with this. Thanks in advance, Mike.
Mike

 

[sleipnir214]

The three examples you have given are functionally eqivalent. Pick one that matches your personal programming idiom, then stick with that style for consistency's sake.

PHP provides functions to handle the quote problem you describe. Since you did not specify a database server, I will assume MySQL, since it is the database server most commonly used with PHP. Take a look at the PHP function mysql_escape_string() (

http://www.php.net/manual/en/function.mysql-escape-string.php)

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!

 

[reidgivens]

you might try the preg_replace function

$newvar=preg_replace("\","",$oldvar);

This take out an \ in the variable. Reid Givens
Webdeveloper

http://www.reidgivens.com

 

[skiflyer]

I would stick with PHP's built in functions, or write a more detailed regex... you never know, the user might want to put \'s in their input, and that one will remove intentional backslashes as well.

-Rob

 

[DaRNCaT]

to remove the slashes from a form when it is going through the mail function I have found this method easiest- I don't know if it will fit with the rest of what you are doing, but it may be of some use to you.
(mail($toaddress,"Email enquiry From ".$firstname,stripslashes($mailcontent),$headers)

this strips the slashes from all the mail content so that if "it's" is written in the mail body it dosen't come out as "it\'s"
Sometimes, when my code just won't behave, I take it outside and make it listen to britney spears music, and when it comes back it's really well behaved. I wonder if it's suffering from post tramatic stress syndrome now..