Re: [Rails] Please help: quotes in views

On Thu, Mar 21, 2013 at 4:27 PM, Y S <yusuhail@gmail.com> wrote:
> Say I have a hidden field inside a form which tells me which quote character
> some file uses. The details are irrelevant, but I need to have a string
> value that could have a double quote. Assume we have a variable
>
> @quote_char = '"'
>
> Now, in the view, I try all of these
>
> <input type='hidden' name='quote_char' value=<%=
> html_escape(@quote_char) %> >
> <input type='hidden' name='quote_char' value="<%=
> html_escape(@quote_char) %>" >
> <input type='hidden' name='quote_char' value="<%= @quote_char %>" >
> <input type='hidden' name='quote_char' value=<%= @quote_char.inspect %>
>>
> <%= hidden_field_tag :quote_char, @quote_char %>
>
> None of these give well-formed HTML that was interpreted correctly by the
> browser. The only one that seemed to work was
> <input type='hidden' name='quote_char' value=<%=
> html_escape(@quote_char).inspect %> >
> which gave
> <input type='hidden' name='quote_char' value="&quot;" >
>
> So what exectly is the correct way to handle strings possibly containing
> quotes in views. Obviously the string may or may not contain said quotes
> every time the view is generated so there should be a general way to handle
> this with some helper function, etc.

Going into the Rails console, perhaps you can see what is happening:

Loading development environment (Rails 3.1.3)
1.9.3p194 :001 > qc = '"'
=> "\""

(the next line loads up the ERB utilities, including html_escape)

1.9.3p194 :002 > include ERB::Util
=> Object

(Just calling the function is like html_escape(qc).inspect)

1.9.3p194 :003 > html_escape(qc)
=> "&quot;"

(To be more like what is happening in your erb file, let's print it)

1.9.3p194 :005 > puts html_escape(qc)
&quot;
=> nil

So seeing that, it's probably obvious why your call with .inspect
worked -- it emitted the double quote marks around the content, which
is one of the things .inspect does.

But to just put it into the erb file embedded in html, all you should
need to do is:

<input type='hidden' name='quote_char' value='<%= html_escape(@quote_char) %>' >

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.