How to write <img src> correctly in php without escaping in HTML

I am having problems with my PHP code. I change everything to 6 o'clock and I still get errors in Parse no matter what I do. This is the code:

$slider3 = '<img src="'templates/' . $this->template . '/images/slider/slider3.jpg'">' . '" alt="' . $sitename . '" />';


The only way I can figure out without getting it to throw an error is to write it like this:

$slider3 =  '<img src="templates/" . $this->template . "/images/slider/slider3.jpg" .  "/>"';


but I don't think this is correct.

I want $ slider3 = "templates / MYTEMPLATE / images / slider / slider3.jpg" and then I will echo $ slider3;

I am so confused with all single and double quotes. I think the first one is right - I look at it and study it and it looks right to me. But it throws a parse error.


source to share

4 answers

$slider3 = '<img src="templates/'.$this->template.'/images/slider/slider3.jpg"/>';


must work.


'<img src="templates/'


is a single quoted string that contains a double quote (which is required for the html src attribute or any other html attribute value)



(dot) is the string concatenation operator. It concatenates ("glue") the first line along with ...



which is presumably a string containing the template name (not clear from the code example). Note that if the $ this-> pattern comes from user input or otherwise no validation, it can be used for cross-site scripting, for example. if it contains the warning "> <script> (" XSS! ") <script>, the javascript is executed in the browser!



another concatenation with ...

'/images/slider/slider3.jpg "/">

which is another quoted string that contains a double quote ending with the value of the src attribute.



Try the following:

$slider3 =  '<img src="templates/"' . $this->template . '"/images/slider/slider3.jpg"/>';




$template = "MYTEMPLATE";
$slider3 =  '<img src="templates/'.$template.'/images/slider/slider3.jpg"/>';
echo $slider3;


There will be an echo →

<img src="templates/MYTEMPLATE/images/slider/slider3.jpg"/>




Just write:

$templates = "var";
echo  "<img src='templates/${templates}/images/slider/slider3.jpg'/>";


this will lead to

<img src='templates/var/images/slider/slider3.jpg'/>




All Articles