Prev: How to detect what Library is behind the $ function?
Next: How do I modify a dropdown box?
From: FAQ server on 2 May 2010 19:00
-----------------------------------------------------------------------
FAQ Topic - How do I get a jsp/php variable into
client-side javascript?
-----------------------------------------------------------------------

Use the server-side language to generate the javascript:

// JSP
var jsvar = "${ jspVar }";
// PHP
var jsvar = "<?php echo $phpVar ?>";

If an inline-script tag is used, the string must not contain any
markup-significant characters such as ` < `, ` > `, ` & `, ` ' ` or ` " `. Such
characters must be converted HTML entities on the server.

http://www.w3.org/TR/html4/sgml/entities.html


The complete comp.lang.javascript FAQ is at
http://jibbering.com/faq/

--

The sendings of these daily posts are proficiently hosted
by http://www.pair.com.

From: Thomas 'PointedEars' Lahn on 3 May 2010 07:33
Garrett Smith wrote:

> David Mark wrote:
>> FAQ server wrote:
>>> -----------------------------------------------------------------------
>>> FAQ Topic - How do I get a jsp/php variable into
>>> client-side javascript?
>>> -----------------------------------------------------------------------
>>
>> Why jsp/php? This doesn't apply to ASP, Python, etc.?
>>
>
> The question need not include all languages. What is written should not
> be confusing.
>
>>> Use the server-side language to generate the javascript:
>>
>> That's an awkward way to put it. You can't use anything else but a
>> language when programming. Is this supposed to be as opposed to the
>> server-side tractor?
>
> It is apparently a contrast to the client side scripting language.
>
>>> // JSP
>>> var jsvar = "${ jspVar }";
>>> // PHP
>>> var jsvar = "<?php echo $phpVar ?>";

AISB, if specific examples are given, it is a good idea recommend the proper
escaping approaches; addslashes() for PHP in this example.

>>> If an inline-script tag is used, the string must not contain any
>>> markup-significant characters such as ` < `, ` > `, ` & `, ` ' ` or ` "
>>> `. Such characters must be converted HTML entities on the server.

The madness of using spaced backticks as delimiter in the text version
becomes obvious here.

>> An inline-script tag? Is that some sort of secret code for attribute
>> value? And do you really need to use an entity for single-quotes if the
>> attribute value is delimited by double quotes.

No.

>> Wouldn't surprise me if that's a rule, but it certainly isn't a
>> requirement in any browser I've used.

It is neither a rule nor a requirement.

> Changed to "inline script".
>
> The character `&` prevents the page from validating.

Nonsense. It prevents the content of _XHTML_ `script' elements that is not
declared as CDATA from validating.

> A quote mark can terminate a string or terminate the attribute of
> generated strings of HTML.

True.

> Angle brackets can affect the HTML.

There is no such thing as an angle bracket. And the `<' and `>' characters
can affect HTML only in specific context.

> var userSubmitted = "${param.userName}";
>
> myElement.innerHTML = "<h1 title='" + userSubmitted + "'>...

That is perfectly valid code.

> When param.userNamecontains something that looks like a closing tag,

There is no such thing as a "closing tag". That syntax element is called
"end tag".

> it can terminate the script. For example: "</script>" would end the script
> block.

In HTML. Not in XHTML within a block declared as CDATA.

>> The linked w3c reference document is of little use for beginners.
> Depends. I learned by reading w3c specifications such as HTML 4,
> starting from early on.

Much to learn, still you have.™


PointedEars
--
realism: HTML 4.01 Strict
evangelism: XHTML 1.0 Strict
madness: XHTML 1.1 as application/xhtml+xml
-- Bjoern Hoehrmann
From: John G Harris on 3 May 2010 15:41
On Mon, 3 May 2010 at 13:33:25, in comp.lang.javascript, Thomas
'PointedEars' Lahn wrote:

<snip>
>There is no such thing as an angle bracket.
<snip>

There is in Unicode; they have no special significance in HTML.

John
--
John Harris
From: Eric Bednarz on 3 May 2010 19:28
Thomas 'PointedEars' Lahn <PointedEars(a)web.de> writes:

> There is no such thing as a "closing tag".
^^
Just like the local leader of the French Resistance in 'Allo 'Allo, I
will quote this only once:

“In the nineteenth century, which was a dark and inflationary age in
typography and type design, many compositors were encouraged to stuff
extra space between sentences. Generations of twentieth-century typists
were then taught to do the same, by hitting the spacebar twice after
each period. Your typing as well as your typesetting will benefit from
unlearning this quaint Victorian habit.”
—Robert Bringhurst

> That syntax element is called
> "end tag".

I don ISO 8879 name for “closing a tag” is still 'end-tag'.

From: Eric Bednarz on 3 May 2010 19:38
Eric Bednarz <bednarz(a)fahr-zur-hoelle.org> writes:

> I don ISO 8879 name for “closing a tag” is still 'end-tag'.

Bad Gnus!

s/I don/The/

 |  Next  |  Last
Pages: 1 2 3 4
Prev: How to detect what Library is behind the $ function?
Next: How do I modify a dropdown box?