0

I'm trying to build a large JSON string in PHP and then echo it to the client like this. My problem is that the PHP function json_encode isn't properly escaping characters for the purposes of javascript.

Here's my data:

my_table
------------------------------------------------------------------
|       title       |                 description                |
------------------------------------------------------------------
| Something's "Fun" | Hello[invisible carriage return char]World |
------------------------------------------------------------------

There are three characters in these data that need to be escaped: the single quote, the double quote, and the carriage return character.

Here's my php that turns the data into json (after I put the data into an object):

$array = array(
   'title' => obj->title,
   'desc' => obj->description
);

$json = json_encode($array);

I then take my json string with the "properly" escaped characters and echo it to the client from my view like this:

<script>
   var jsonString = '<?php echo $json; ?>';
   var obj = JSON.parse(jsonString);
</script>

But when the page loads, my browser (Chrome) pushes an "Unexpected identifier" error because this is what the script tag actually looks like:

<script>
   var jsonString = '{"title":"Something's \"Fun\"","desc":"Hello\nWorld"}';
   var obj = JSON.parse(jsonString);
</script>

From the perspective of js the double quote is the only one that's escaped correctly. The single quote isn't escaped at all and js freaks out at the \n.

BTW: manually escaping the single quote doesn't work. And I don't know what to do with the \n to get js to recognize it.

Improve this question
5
  • 1
    json_encode should already be returning a valid JavaScript object literal, so there is no need to parse it again. Commented Sep 6, 2014 at 13:13
  • Why are you rewrapping the JSON output in a string and then parse it again? (If you really must: apply json_encode twice instead of adding quotes by yourself.) Commented Sep 6, 2014 at 13:13
  • [palm to forehead] @Gumbo, you're right! Don't know what I was thinking there. I guess for a moment I brain-cramped and forgot that json is already written litterally as a js object - that's the whole point. [palm to forehead again] Post this an answer and I will accept. Commented Sep 6, 2014 at 13:19
  • @mario you're comment sounds right as well. Commented Sep 6, 2014 at 13:24
  • no one want to post an answer? Commented Sep 6, 2014 at 15:59

1 Answer 1

Reset to default
3

This is simply a misunderstanding of what json is: written literally in a format that can create a javascript object. So once a json string is echo'd to the page in a <script> tag there is no need to parse it. The code in the view should look like this:

<script>
   var obj = <?php $json; ?>;
</script>
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

You may want to, instead, use JSON.parse(<?php $json; ?>);. Also, including PHP directly into javascript seems odd; you should use AJAX here or else simply use PHP to display your data.
@user1477388 your example causes the same problem that my code did. (There's no need to parse it again as the comments above state.) Yes, ajax is a viable option but in my case it didn't make sense to create more calls to the server. Also, letting PHP send it to the page in html was definitely another option but in my situation it created a lot of unnecessary markup.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.