I have a javascript variable set to the contents of a database comments
field.
To set the js variable I used the PHP addslashes function which encodes
the apostrophe, double quotes and the backslash.
I need to use the variable contents 3 times;
- display on HTML page
- pre-populate a text area with it
- make it the body of an e-mail
When I display the variable using document.write, things like "<b>"
turn the text to bold. To get around this problem I found the function
function htmlEncode(s){
return s.replace(/&(?!\w+([;\s]|$))/g, "&").replace(/</g,
"<").replace(/>/g, ">");}
However, this function turns my original single and double quotes into
"&..."
My thought now is I need to convert the single & double quotes back to
their original characters, then run it through the above function.
Is there an easier way to do this?
If not, how do I convert the "&..." back to the real character
before passing it to the above function?
As far as I can tell the function works, does anyone see problems with
it?