I want to print a table in PHP, each row has a button to load it's content (HTML codes) into the CKEditor instance.
$column = '<td><a href="#" onclick="CKEDITOR.instances.editor.setData(' . "'" . $HTMLcode . "');" . '">Load</a></td>';
echo $column;
The HTML code also contains quotes because of the CSS styles:
<p style='text-align: center;'>
I had this result, obviously it breaks the code:
<a href="#" onclick="CKEDITOR.instances.editor.setData('<p style='text-align: center;'>Great.</p>');">Load</a>
Any workaround for this? Any help would be appreciated! Thanks in advance, Daniel.
The common solution is htmlentities():
$column = '<td><a href="#" onclick="CKEDITOR.instances.editor.setData('
. "'" . htmlentities($HTMLcode, ENT_QUOTES) . "');" . '">Load</a></td>';
There's also addslashes() which should make the string parseable in JavaScript.
Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash () and NUL (the NULL byte).
What speaks for choosing htmlentities() over addslashes() is the fact that in a valid HTML document, there must be no raw ampersands &. They need to be escaped as & even in JavaScript statements when those are not enclosed in CDATA tags.