How to Escape Single-Quote (Apostrophe) in String Using PHP

  • Home
  • Languages
  • PHP
  • How to Escape Single-Quote (Apostrophe) in String Using PHP

How do I escape only single quotes?

Quite simply: echo str_replace('\'', '\\\'', $myString);
However, I'd suggest use of JSON and json_encode() function as it will be more reliable (quotes new lines for instance):

<?php $data = array('myString' => '...'); ?>

<script>
   var phpData = <?php echo json_encode($data) ?>;
   alert(phpData.myString);
</script>

Escape single quotes in string containing single and double quotes

To escape nested quotes in PHP, use the \

 $confirmation .= '<a title="Share on Facebook" target="_blank" href="javascript: void(0)" onclick="window.open(\'http://www.facebook.com/sharer.php?u=http%3A%2F%2Fmydomain.com%2Fquiz%2F\',\'sharer\',\'toolbar=0,status=0,width=548,height=325\');" class="">Share on Facebook</a>';

For a complicated case with lots of quotes, it may be more readable and practical to use a heredoc:

$confirmation .= <<<EOT
  <a title="Share on Facebook" target="_blank" href="javascript:void(0)" onclick="window.open('http://www.facebook.com/sharer.php?u=http%3A%2F%2Fmydomain.com%2Fquiz%2F','sharer','toolbar=0,status=0,width=548,height=325');" class="">Share on Facebook</a>
EOT;

Php remove single quote from string

I don't think escaping the single quote would work in str_replace where you're using double quotes to wrap the needle values - I'd be tempted as you want just the numbers to go with:

$string = preg_replace("/[^0-9]/", "", $match[1]);

As a more reliable approach.

Alternatively if you're confident that the single quote and $ are the only characters to strip just remove your \ in the array so you're looking for just "'" rather than "'"

UPDATE:

Try removing htmlentities & any tags first to be safe:

$string = preg_replace("/[^0-9]/", "", strip_tags(html_entity_decode($match[1])));

UPDATE 2:

The below code will work for you and strips the HTML entity which was representing the quote mark.

require 'simple_html_dom.php';
$html = file_get_html('https://swissborg.com/chsb-overview');
$replacechars = array ("'", "$");
preg_match('/class="accent no-margin-bottom inline">(.*?)</', $html, $match);
//echo "<BR>";
echo "<BR>";
$string = preg_replace("/&#?[a-z0-9]+;/i","",$match[1]);
var_dump($string);

For future similar issues you can see the actual content, hidden content and all when debugging using json_encode / htmlspecialchars. e.g.:

echo json_encode(htmlspecialchars($match[1]));

How to use single quote inside an echo which is using single quote

Either escape the quote with a backslash, or use double quotes to designate the string.

echo 'Here goes your message with an apostrophe S like thi\'s';

echo "Here goes your message with an apostrophe S like thi's";

How to escape single quotes within single quoted strings

If you really want to use single quotes in the outermost layer, remember that you can glue both kinds of quotation. Example:

 alias rxvt='urxvt -fg '"'"'#111111'"'"' -bg '"'"'#111111'"'"
 #                     ^^^^^       ^^^^^     ^^^^^       ^^^^
 #                     12345       12345     12345       1234

Explanation of how '"'"' is interpreted as just ':

  1. ' End first quotation which uses single quotes.
  2. " Start second quotation, using double-quotes.
  3. ' Quoted character.
  4. " End second quotation, using double-quotes.
  5. ' Start third quotation, using single quotes.

If you do not place any whitespaces between (1) and (2), or between (4) and (5), the shell will interpret that string as a one long word.

Escaping single quote in PHP when inserting into MySQL

You should be escaping each of these strings (in both snippets) with mysql_real_escape_string().

http://us3.php.net/mysql-real-escape-string

The reason your two queries are behaving differently is likely because you have magic_quotes_gpc turned on (which you should know is a bad idea). This means that strings gathered from $_GET, $_POST and $_COOKIES are escaped for you (i.e., "O'Brien" -> "O\'Brien").

Once you store the data, and subsequently retrieve it again, the string you get back from the database will not be automatically escaped for you. You'll get back "O'Brien". So, you will need to pass it through mysql_real_escape_string().

How do I use single quotes inside single quotes?

echo "<div id=\"panel1-under\">Welcome ".$_SESSION['username']."</div>";

or

echo '<div id="panel1-under">Welcome '.$_SESSION['username'].'</div>';

Quick Explain :

  • You don't have to reopen the tags inside a echo String (" ... ")
  • What I have done here is to pass the string "Welcome " concatenated to $_SESSION['username'] and "" (what the . operator does)

  • PHP is even smart enough to detect variables inside a PHP string and evaluate them :

    $variablename = "Andrew";

    echo "Hello $variablename, welcome ";

=> Hello Andrew, welcome

More infos : PHP.net - echo


Related Topics

Woocommerce: Display Some Reviews Randomly on Home Page

Is PHP's 'Include' a Function or a Statement

How to Dynamically Build Queries with Pdo

Sum Specific Values in a Multidimensional Array (Php)

Doctrine - How to Print Out the Real SQL, Not Just the Prepared Statement

PHP Cli Getting Input from User and Then Dumping into Variable Possible

Email Validation Using Regular Expression in PHP

Get Domain Name from Full Url

PHP Get Both Array Value and Array Key

How to Get Unix Timestamp in PHP Based on Timezone

Performance in Pdo/Php/Mysql: Transaction Versus Direct Execution

Can't Install PHPunit via Pear, Requires Pear Installer >= 1.9.2, Can't Upgrade Pear from 1.9.0

Storing Database Connection in a Session Variable

How to Solve Error 404 When Deploying Laravel Project to Cpanel

Variable Type Hinting in Netbeans (Php)

Correct Indentation of HTML and PHP Using Vim

PHP Generated Xml Shows Invalid Char Value 27 Message

Non-Breaking Utf-8 0Xc2A0 Space and Preg_Replace Strange Behaviour


Leave a reply



Submit