10

I'm having a bit of a problem. I am trying to create an IRC bot, which has an ampersand in its password. However, I'm having trouble putting the ampersand in a string. For example...

<?php

$var = "g&abc123";

echo $var;

?>

I believe this should print g&abc123. However it's printing g.

I have tried this as well:

<?php
$arr = array("key" => "g&abc123");
print_r($arr);
?>

This prints it correctly with the g&abc123, however when I say echo $arr['key']; it prints g again. Any help would be appreciated. I'm running PHP5.3.1.

EDIT: Also, I just noticed that if I use g&abc123&abc123 it prints g&abc123. Any suggestions?

Improve this question
1
  • I tested on PHP 5.2.9 and it works fine....now this is an odd one. Commented Jun 17, 2010 at 23:05

4 Answers 4

Reset to default
7

I don't have that issue in a console:

php > $d="g&abc123";
php > echo $d;
g&abc123

What environment are you printing the output to? It sounds like you are viewing it in a web browser, and the & is being interpreted as a malformed HTML entity. Try replacing the & symbol with the entity encoded version &amp;.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

You are correct, I'm printing to the browser. However, it is not part of an HTML tag, link, etc. It is just the only text on the page. Also, I tried with &amp; and it DID display correctly. Unfortunately, this is a problem because I need to send the data to a server, and I'm not sure if it's being sent as g&abc123 or if it's being sent as g, and I can't send g&amp;abc123.
You can automatically transform text into this form with the PHP htmlentities function, and decode with html_entity_deocode - see php.net/manual/en/function.html-entity-decode.php If you're sending it somewhere, etc. you can be confident the value sent is the value as shown by print_r.
You're right. I tried this in Firefox and it doesn't happen. It seems to be a Chrome problem. Thanks!
6

Look at the source code, it will be printing the correct code.

If you want it to print out correctly in HTML, then run htmlentities on it or make the & &amp;

Improve this answer

4 Comments

Then something is wrong with your server -- I just tested it (copied and pasted your code): phoenixdev.net/test-2.php
No Kerry, in Chrome I get the same results. ;) Doesn't happen in Firefox though.
Ah, that means its browser related. I tested IE6, 7 & 8 and they are all fine.
Also, if you do as I said, and put the &amp; it displays correct (not in the source) in Chrome.
1

View the web page source to make sure your variable contains the correct value.

Improve this answer

Comments

1

You're probably sending your output to a Web browser.

The correct way of doing it is

In HTML, XHTML and XML, the ampersand has a special meaning. It is used for character entities. You can think of it as an escape sequence of sorts.

For instance, in PHP, this would be illegal:

$variable = 'It's Friday';

This is because the apostrophe is interpreted by PHP as the end of your string, and the rest of your content looks like garbage.

Instead, you have to say:

$variable = 'It\'s Friday';

Similarly, in HTML and XHTML, you can't say

<h1>Inequalities</h1>
<p> x<yz+3 </p>

This is because it would be interpreted as an element.

Instead, you'd have to say:

<h1>Inequalities</h1>
<p> x&lt;yz+3 </p>

Now, as you can see, the ampersand itself has a special meaning and, therefore, needs to be escaped as &. htmlspecialchars() will do it for you.

Improve this answer

2 Comments

Well... I know the PHP examples... I also know that & has no problem in Firefox. I understand that in XHTML (and probably HTML too) &amp; is the correct way to do it. But I've never had a browser get angry because it wasn't done that way. Trust me, if I was trying to make this valid XHTML, it'd be an &, but I was just using it for debug purposes.
Unfortunately, browsers were designed to accept just about anything you throw at them, but how it's handled is subject to interpretation. The HTML5 team is trying to create a standard for the handling of "tag soup"... I'm personally not too happy about that, but what can I do? I recommend that you create an alias for echo htmlspecialchars($text); Example: function h($text) { echo htmlspecialchars($text); }

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.