I'm doing something like following to transfer value from PHP to javascript:
var str = '<?php echo $v; ?>';
If there is no "'" in $v, it'll just be fine.
But in case there is "'" in $v, obviously error will be reported.
So far I've only used mysql_real_escape, which is not applicable now.