Comments on Open Source Opportunities: Nested-Nested Quotes

Hi Ryan, You inspired me to write a very simple t...

2010-02-28T22:07:04.361-08:00

Hi Ryan,

You inspired me to write a very simple test case for solving this problem.

In the code below, I replace Google Analytics pageTracker namespace with my own. I include a function called _trackEvent that does nothing but output the third parameter, which is the one you're having problems with.

I then create a single textbox to contain a "name". I include two divs, one represents the original code you submitted to me. The other represents a modified version. Instead of onsubmit, I use onclick. What matters is what's inside the attribute.

Click either link, and an alertbox will appear. One will show you that the function "document.getElementById" is never evaluated while the other link will clearly show the name from the textbox.

Using the second link, I could swap out my pageTracker namespace with Google Analytics, click on the second link, and know that the test data is being tracked by the analytics.

This is intended to demonstrate how you can write a simple, easy test case in JavaScript to help you verify that the results of one module of your code are correctly passing the values as the proper inputs to another module.

To run the code below, copy to a file on your desktop called "test.html", save, and run in Mozilla Firefox.

<html>
<head>
<style>
.test {
color:blue;
text-decoration:underline;
cursor:pointer;
cursor:hand;
padding:0 0 10px 0;

}

</style>
<script type="text/javascript">

// In the author's code, I'm not sure what this function is supposed to do, but it doesn't matter. All I need to do is see the input values passed to the final function call.
function MM_callJS(strFunct) {
alert(strFunct);
eval(strFunct);

}

// I replace Google Analytics's pageTracker namespace with my own, which includes a function that just outputs what I expect the value I pass in to be. If the data I'm passing in doesn't look like what I expect, I can use this tool to help me debug it.
var pageTracker = {
_trackEvent: function(strEmail,strQuote,strValue) {

alert('You know your code is working if you see the value of the third argument here: ' + strValue);
}
};

/*

When you get your code to the point it is in the second example, you'll then know it is passing in the correct inputs, then you can swap your pageTracker namespace out with Google Analytics.

*/

</script>
</head>
<body>
<div id="test1" class="test" onclick="MM_callJS('pageTracker._trackEvent(\'Email\', \'Quote\', \'document.getElementById(\"name\").value\')')">Test1: First attempt, you'll see the function name alerted instead of the value.</div>
<div id="test2" class="test" onclick="MM_callJS('pageTracker._trackEvent(\'Email\', \'Quote\', \'' + document.getElementById('name').value + '\')')">Test1: First attempt, you'll see the function name alerted instead of the value.</div>
<br /><br />
<p>Below is the "name" from the form:</p>
<input id="name" value="James"></input>

</body>
</html>

Hi, I am using some Javascript tracking code to t...

2010-02-26T01:39:01.801-08:00

Hi,

I am using some Javascript tracking code to track clients emailing me; however, I am having a slight problem. Here is my code:

<form action="" method="post" onsubmit="MM_callJS('pageTracker._trackEvent(\'Email\', \'Quote\', \'document.getElementById(\"name\").value\')')">

The problem is with the onsubmit method. It all works fine and tracks properly; however, I am trying to get the users name from the javascript form in the third argument:

\'document.getElementById(\"name\").value\')'

However, it just returns the actual words document.getElementById("name").value') rather than giving me what I want (the name of the user entered into the "name" text field.

What am I doing wrong?

Thanks,

Ryan

I'm glad to hear that people are getting use out o...

2009-03-06T18:48:00.000-08:00

I'm glad to hear that people are getting use out of this. I had a lot of fun writing this article; thanks for the feedback!

James

Great post!

This was really helpful in a re...

2009-03-02T20:58:00.000-08:00

Great post!

This was really helpful in a recent update to our web site.

On the site, server side ASP.NET code needs to generate javascript code that contains a document.write statement which passes quoted string parameters to a function to 'flip' an image (the image is an ambigram.

The nesting became quite silly, but it was actually in the simplest form it could be to get the job done!

Anyway, thanks for taking the time to do such a nice write-up.

I managed to get through it, in the onclick string...

2009-01-08T21:21:00.000-08:00

I managed to get through it, in the onclick string I used function(){ }
Thanks though

And how to make literal quotes non-literal O_O tha...

2009-01-07T23:31:00.000-08:00

And how to make literal quotes non-literal O_O that's what I'm looking for: this is my code, can you help me?

onmouseout=\"javascript: document.getElementById('inp_".$fila['id']."').onclick='location.href='inbox?setla=true&lang=".$lenguaje."&ver=mensaje&id=".$fila['id'].$leer."''; if (document.getElementById('chec_".$fila['id']."').checked == true){ document.getElementById('chec_".$fila['id']."').value = '1'; } else if (document.getElementById('chec_".$fila['id']."').checked == false){ document.getElementById('chec_".$fila['id']."').value = 'null'; }\">";

Thank you,your piece was pretty helpful. I am pers...

2008-12-18T00:18:00.000-08:00

Thank you,your piece was pretty helpful. I am personally using PHP right now so I'd like to add that instead of using the escape sequence in '/' we can also use the dot operator for the purpose.

<td onclick="f_myFunction('someStringC...

2008-08-13T05:26:00.000-07:00

<td onclick="f_myFunction('someStringContaining\'SingleAnd\"DoubleQuote');" >

Therefore, for the above example to function properly, you would only escape the inner single quotes, not the double quotes.

James - thank for that info

But if we are not going to escape the double quotes then it is going end the onClick attribute def!

<td onclick="f_myFunction('someStringC...

2008-08-12T18:41:00.000-07:00

<td onclick="f_myFunction('someStringContaining\'SingleAnd\"DoubleQuote');" >

The top level quote is a single quote. This means that any single quotes inside the string must be escaped with a '\'. The double quotes will be treated as regular characters.

Therefore, for the above example to function properly, you would only escape the inner single quotes, not the double quotes.

James

Hi,

I am facing a nesting quote problem in ...

2008-08-12T04:03:00.000-07:00

Hi,

I am facing a nesting quote problem in the below scenario
...
<td onclick="f_myFunction('someStringContaining\'SingleAnd\"DoubleQuote');" >
...

Any suggestions here..Thanks!

I was using this method of quotes within quotes to...

2008-06-04T20:02:00.000-07:00

I was using this method of quotes within quotes to manipulate the DOM, that is until I discovered Taconite.

Taconite lets you use special XML tags to wrap an AJAX response, and these XML tags instruct a parser on where to place the response in the HTML DOM.

It's LGPL code, so you can take the XML parser and use it without the AJAX portion with some hacking.

Although there are tools to help eliminate the need to use strings within strings, I still find that this is indeed theh only solution in some cases.

James

Omg I'm having a quotation nightmare! I'm re-crea...

2008-06-02T19:31:00.000-07:00

Omg I'm having a quotation nightmare! I'm re-creating a select box using javascript so that I can have onclick/onmouseover events on the options.

The creation process of these options and the subsequent usage of the parameters are impossible, man.

It's killing me!!!

Kudos to you for getting somewhere with it

Comments on Open Source Opportunities: Nested-Nested Quotes

Hi Ryan, You inspired me to write a very simple t...

Hi, I am using some Javascript tracking code to t...

I'm glad to hear that people are getting use out o...

Great post!This was really helpful in a re...

I managed to get through it, in the onclick string...

And how to make literal quotes non-literal O_O tha...

Thank you,your piece was pretty helpful. I am pers...

<td onclick="f_myFunction('someStringC...

<td onclick="f_myFunction('someStringC...

Hi,I am facing a nesting quote problem in ...

I was using this method of quotes within quotes to...

Omg I'm having a quotation nightmare! I'm re-crea...

Great post!

This was really helpful in a re...

Hi,

I am facing a nesting quote problem in ...