I use jQuery.ajax to save a rich text area.

corr=some.innerHTML; /* innerHTML is a property, not a method; corr='< some text <' */
$.ajax({
    type:"POST", url:"flatplan/save_corr.php",
    data:"corr="+corr+"&IDFS="+IDFILES,
    success: function(msg){

    },
    error:function(x,e){
        ajax_errors(x,e);
    }
});

The problem is that the corr variable can contain '&' chars inside and it sends more params, giving problems. Is there any way to post HTML text with ajax?

+2  A: 

You can (and should) escape query string components with encodeURIComponent.

data: "corr=" + encodeURIComponent(corr) + "&IDFS=" + encodeURIComponent(IDFILES),

Edit: jQuery can accept an Object in the data field. You should just use

data: ({
  corr: corr,
  IDFS: IDFILES
}),

so that jQuery can automatically encode the query string.

KennyTM
Thanks, how could I forget this instruction. Thank you very much :)
albanx
Agreed, sending the data to jquery as an object is by far the best plan. The 'data as a query string' syntax is really terrible in my opinion, and apparently it has other issues.
Alex JL
A: 

I would personally escape all HTML going in before posting it via AJAX, and have the PHP file unescape the result, or sanity check the input in PHP before processing. I've not been caught with this one but I can see where it might be an issue.

Gopher
+1  A: 

The corr value cannot contain &. If it does, you need to urlencode that value. To do this, use the escape() method.

var corr = escape(some.innerHTML); // innerHTML is a property, not a method (corr='< some text <')
$.ajax({
    type:"POST", 
    url:"flatplan/save_corr.php",
    data:"corr="+corr+"&IDFS="+IDFILES,
    success: function(msg){
        //success handler
    },
    error:function(x,e){
        ajax_errors(x,e);
    }
});
EndangeredMassa
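
Added example, not part of any answer above: it builds the POST body with each approach mentioned in this thread and decodes it the way a form-urlencoded parser on the server would, to show which ones deliver `corr` intact. The sample HTML, the ID value and all function names are constructed for illustration, and `URLSearchParams` stands in for jQuery's object serialization.

```javascript
// Constructed sample input: editor HTML containing '&', '+', '=' and a non-ASCII char.
const sampleHtml = '<p>Tom &amp; Jerry: 1 + 1 = 2 caf\u00e9</p>';
const sampleId = '42'; // constructed stand-in for IDFILES

// Four ways to build the POST body. Builder names are hypothetical.
const builders = {
  // String concatenation as in the question: nothing is encoded.
  naive: (corr, id) => 'corr=' + corr + '&IDFS=' + id,
  // Legacy escape(): leaves '+' as-is and emits %E9 (not UTF-8 %C3%A9) for U+00E9.
  legacyEscape: (corr, id) => 'corr=' + escape(corr) + '&IDFS=' + id,
  // encodeURIComponent applied to every component.
  component: (corr, id) =>
    'corr=' + encodeURIComponent(corr) + '&IDFS=' + encodeURIComponent(id),
  // Key/value object handed to a serializer; URLSearchParams stands in
  // here for what jQuery does when `data` is an object.
  object: (corr, id) => new URLSearchParams({ corr: corr, IDFS: id }).toString(),
};

// Parse a body the way a form-urlencoded decoder on the server side would:
// split on '&', split each pair on the first '=', turn '+' into a space,
// then percent-decode as UTF-8.
function parseBody(body) {
  return Object.fromEntries(new URLSearchParams(body));
}

// Report what the server would see for one builder.
function check(name) {
  const received = parseBody(builders[name](sampleHtml, sampleId));
  return {
    keys: Object.keys(received),
    corr: received.corr,
    intact: received.corr === sampleHtml && received.IDFS === sampleId,
  };
}

for (const name of Object.keys(builders)) {
  const r = check(name);
  console.log(name.padEnd(12), 'intact:', r.intact, 'keys:', JSON.stringify(r.keys));
}
```

With the naive body the server sees three keys and `corr` is cut off at the first `&`; with `escape()` the key count is right but the `+` arrives as a space and the accented character is corrupted.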