FUDforum: comp.lang.php » How to transfer value to iframe?

Home » Imported messages » comp.lang.php » How to transfer value to iframe?

Show: Today's Messages :: Polls :: Message Navigator

Re: resolved?? Re: How to transfer value to iframe? [message #183152 is a reply to message #183150]

Thu, 10 October 2013 23:37

Thomas 'PointedEars'
Messages: 701
Registered: October 2010

Karma:

Senior Member

Norman Peelman wrote:

> On 10/10/2013 01:01 PM, richard wrote:
>> On Wed, 9 Oct 2013 22:32:22 -0400, richard wrote:
>>> http://mroldies.net/200/audiox.php
>>>
>>> First, the sound will work only in firefox.
>>> So don't go bashing me for that.
>>
>>
>> <?php
>> $number=$numbers[0];
>> echo '<iframe id="x1" src="audiox1.php?asong='.$number.'"
>> name="alpha"></iframe>';
>> ?>
>>
>> At least the first number is now displayed.
>
> echo "<iframe id=x1
> src='audiox1.php?asong=$number&name=$alpha'></iframe>";

The safe syntax is

echo "<iframe id=x1
src='audiox1.php?asong={$number}&name={$alpha}'></iframe>";

> No need to quote the *values*, they are sent as text.

Utter nonsense. Depending on the version of HTML and the attribute value,
attribute values MUST be quoted. The safe approach is to *always* quote
attribute values, it certainly is when attribute values or parts of those
are generated like here. Since double-quoting is more common than single-
quoting, double-quoting as it was done by the OP actually is the safe
approach.

You might have misread the original code, which is actually equivalent to

echo '<iframe id="x1" src="audiox1.php?asong='
. $number
. '" name="alpha"></iframe>';

if we assume that the line-break after “$number.'"” was accidental
originally or was inserted when you quoted the original code.

In particular, in your code the value of $alpha must be *URI-encoded* or the
URI-reference that is the attribute value is invalid or the entire HTML
fragment could become invalid (or code-injected) if $alpha contains space or
special characters. Other generated attribute values, unless it is certain
that code injection is impossible (for example with int values), SHOULD be
htmlspecialchars()'d.

> Not sure what you're doing with -alpha-, I assume it is a variable as
> well...

Does it look like one? RTFM.

PointedEars
--
> If you get a bunch of authors […] that state the same "best practices"
> in any programming language, then you can bet who is wrong or right...
Not with javascript. Nonsense propagates like wildfire in this field.
-- Richard Cornford, comp.lang.javascript, 2011-11-14

Report message to a moderator

[Message index]

		How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 02:32
		Re: How to transfer value to iframe? By: David Robley on Thu, 10 October 2013 03:13
		Re: How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 03:31
		Re: How to transfer value to iframe? By: David Robley on Thu, 10 October 2013 03:50
		Re: How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 04:01
		Re: How to transfer value to iframe? By: Jeff North on Thu, 10 October 2013 04:40
		Re: How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 04:51
		Re: How to transfer value to iframe? By: J.O. Aho on Thu, 10 October 2013 05:10
		Re: How to transfer value to iframe? By: Thomas 'PointedEars' on Thu, 10 October 2013 23:15
		Re: How to transfer value to iframe? By: Denis McMahon on Thu, 10 October 2013 13:25
		Re: How to transfer value to iframe? By: Denis McMahon on Thu, 10 October 2013 13:12
		resolved?? Re: How to transfer value to iframe? (was: How to transfer value to iframe?) By: Mr Oldies on Thu, 10 October 2013 17:01
		Re: resolved?? Re: How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 17:28
		Re: resolved?? Re: How to transfer value to iframe? By: Derek Turner on Thu, 10 October 2013 17:39
		Re: resolved?? Re: How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 19:47
		Re: resolved?? Re: How to transfer value to iframe? By: Denis McMahon on Thu, 10 October 2013 21:31
		Re: resolved?? Re: How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 23:45
		Re: resolved?? Re: How to transfer value to iframe? By: The Natural Philosoph on Fri, 11 October 2013 00:45
		Re: resolved?? Re: How to transfer value to iframe? By: Evan Platt on Fri, 11 October 2013 15:17
		Re: resolved?? Re: How to transfer value to iframe? By: Denis McMahon on Fri, 11 October 2013 15:27
		Re: resolved?? Re: How to transfer value to iframe? By: Evan Platt on Sat, 12 October 2013 04:21
		Re: resolved?? Re: How to transfer value to iframe? By: David Robley on Fri, 11 October 2013 01:13
		Re: resolved?? Re: How to transfer value to iframe? By: Norman Peelman on Thu, 10 October 2013 22:13
		Re: resolved?? Re: How to transfer value to iframe? By: Thomas 'PointedEars' on Thu, 10 October 2013 23:37
		Re: resolved?? Re: How to transfer value to iframe? By: Thomas 'PointedEars' on Thu, 10 October 2013 23:51
		Re: resolved?? Re: How to transfer value to iframe? By: Mr Oldies on Thu, 10 October 2013 23:43
		Re: resolved?? Re: How to transfer value to iframe? By: Norman Peelman on Fri, 11 October 2013 02:30
		Re: resolved?? Re: How to transfer value to iframe? By: Denis McMahon on Fri, 11 October 2013 15:39
		Re: resolved?? Re: How to transfer value to iframe? By: Norman Peelman on Fri, 11 October 2013 23:04
		Re: resolved?? Re: How to transfer value to iframe? By: Thomas 'PointedEars' on Fri, 11 October 2013 11:05

Previous Topic:	please unsubscribe me
Next Topic:	Can't change upload_max_filesize

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Fri Sep 20 09:53:49 GMT 2024

Total time taken to generate the page: 0.04938 seconds