Double vs single quote

[Joshua Beall]

Hi All,

The W3C validator does not seem to mind single-quoted attributes, but I have
heard it said that using single quotes to delimit attribute values can get
you into trouble with some browsers. Is that still a real problem today?
What are some thoughts on this?

-Josh

 

[C A Upsdell]

Hi All,

The W3C validator does not seem to mind single-quoted attributes, but I have
heard it said that using single quotes to delimit attribute values can get
you into trouble with some browsers. Is that still a real problem today?
What are some thoughts on this?

If a browser has a problem with single quotes, it is defective. I have
never myself encountered such a problem.

 

[Joshua Beall]

If a browser has a problem with single quotes, it is defective. I have
never myself encountered such a problem.

Yeah, I realize that - what I am asking is, are there many browsers out
there like this? I have never encountered one myself either.

 

[Jay]

Hi All,

The W3C validator does not seem to mind single-quoted attributes, but I have
heard it said that using single quotes to delimit attribute values can get
you into trouble with some browsers. Is that still a real problem today?
What are some thoughts on this?

My ASP pages write HTML tags with single quoted attributes and I've never
seen any browser have a problem with them.

<% response.write "<p id='mainP'>Text</p>" %>


--
"Some see the glass as half-empty;
some see the glass as half-full.
I see the glass as too big." - George Carlin

- J

 

[Anthony Boyd]

My ASP pages write HTML tags with single quoted attributes and I've never
seen any browser have a problem with them.

<% response.write "<p id='mainP'>Text</p>" %>

Yes, I always used single quotes in HTML for the same reason. However,
(and this is unverified second-hand stuff), PHP offers some functions to
escape strings, but they don't escape single quotes. Off the top of my
head, I think it was htmlspecialchars. So this wouldn't work:

$name = "Jon's Coffee Store";
$name = htmlspecialchars($name);
print "<input type='text' name='foo' value='$name' />";

Because it ends up looking like this:

<input type='text' name='foo' value='Jon's Coffee Store' />

In other words, only "Jon" appears as the value. So the people I work
with have decided to use normal quotes for HTML, and single quotes for
their print statements. Supposedly it's faster than interpolated
strings anyway. Like this:

echo '<input type="text" name="foo" value="', $name, '" />';

FWIW.

 

[Jeff Thies]

A bit offtopic question about PHP. I seldom use it... Nothing against it.

Yes, I always used single quotes in HTML for the same reason. However,
(and this is unverified second-hand stuff), PHP offers some functions to
escape strings, but they don't escape single quotes. Off the top of my
head, I think it was htmlspecialchars. So this wouldn't work:

$name = "Jon's Coffee Store";
$name = htmlspecialchars($name);
print "<input type='text' name='foo' value='$name' />";

Doesn't PHP offer other methods of defining strings?

For example in Perl:

print qq{<input type="text" name="foo" value="$name" />
variables are interpolated, a single q is non interpolated

};

or a heredoc

print <<thishtml;
<input type="text" name="foo" value="$name" />
variables are interpolated, print <<'thishtml' is non interpolated

thishtml

as well as this:

print '<input type="text" name="foo" value=" ' . $name . ' " />';

or this:

print "<input type=\"text\" name=\"foo\" value=\"$name\" />";

or (escaping done automatically, value can have single or double quotes) :

use CGI;
my $q=new CGI;
print $q->textfield(-name=>'foo',-value=>$bar);

There's others also...

I know ASP lacks these, but I just sort of assumed this was doable in PHP.

Jeff

 

[Toby A Inkster]

Doesn't PHP offer other methods of defining strings?

PHP ain't as flexible with strings as Perl is. It has '...', "..." and
`...` (which all work the same way as in Perl) and that's about it.

 

[Joshua Beall]

PHP ain't as flexible with strings as Perl is. It has '...', "..." and
`...` (which all work the same way as in Perl) and that's about it.

Actually it has another way of doing it: the heredoc syntax. Looks like
this:

$name = 'Josh';
$HTML = <<<EOT
<p class="pTitle">The heredoc syntax</p>

<p class='text'> The heredoc syntax allows you to use single and double
quotes, without escaping either. Additionally, you can embed variables,
like
my name, $name. If you want to embed complex variables (e.g., arrays,
properties of objects), you want to put curly brackets around the variable,
like this: {$_SERVER['HTTP_USER_AGENT']}.</p>

<p>Additioanlly, tyings like \n, \r, \t, etc., will all be interpreted as
expected,
not literally placed in the string.</p>

<p>Great, ain't it?</p>
EOT;

echo $HTML; // Send it to the browser

I use the heredoc syntax all the time; it's great. There is also nothing
stopping you from echoing the string to the screen immediately, as opposed
to first storing it in a variable, and then echoing it to the screen.

-Josh

 

[Phil Roberts]

With total disregard for any kind of safety measures Toby A

PHP ain't as flexible with strings as Perl is. It has '...',
"..." and `...` (which all work the same way as in Perl) and
that's about it.

If you delimit a string with `` PHP will attempt to execute it as a
system command.

 

[Toby A Inkster]

With total disregard for any kind of safety measures Toby A


If you delimit a string with `` PHP will attempt to execute it as a
system command.

Aha. Just like in Perl.