0

I am trying to insert items into a javascript array for the autocomplete function. I take the values that I need for the array from a database, so I grab them with PHP. Then I just push each item into the javascript array. However, it keeps telling me that I have an "unexpected token ILLEGAL" and it looks like it's pointing at the single "quote" character that gets inserted, then has a newline, then continues to the actual value.

My javascript/PHP

<script type="text/javascript">
        $(function() {
           var availableTags = [];
           <?php

              foreach ($modelList as &$model)
                 echo "availableTags.push('$model');" . "\n";
           ?>
           $("#devicemod").autocomplete({
                 source: availableTags
           });
        });


        </script>

Then the error message...

$(function() {
               var availableTags = [];
               availableTags.push('
***Uncaught SyntaxError: Unexpected token ILLEGAL***
ODEL: T]422P');availableTags.push('');availableTags.push('!');availableTags.push('!6.1/120{ MODEL: TM402P');availableTags.push('!A`$');availableTags.push('!DP1110   CREATED ON: JAN 29 2002');availableTags.push('!MODEL: TM402P');

It should turn out to be...

availableTags.push('ODEL:T]422P');
availableTags.push('');
etc...
Improve this question
2
  • Make sure your variable does not have any quotes. If it has, you will have to escape them. Commented Jul 23, 2013 at 15:46
  • You may also want to replace newlines with \n Commented Jul 23, 2013 at 15:48

2 Answers 2

Reset to default
1

Using json_encode() you can do this in a single (and safe) step:

<script type="text/javascript">
$(function() {
   $("#devicemod").autocomplete({
       source: <?php echo json_encode($modelList); ?>
   });
});
</script>

The json_encode() function makes sure that the values are properly escaped according to the rules of JavaScript notation. This prevents nasty surprises when the values contain single quotes in this case.

If $modelList is not a true list (i.e. the keys are not numbered sequentially), you should apply array_values() first:

...
       source: <?php echo json_encode(array_values($modelList)); ?>
...
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

This is a bad idea:

   echo "availableTags.push('$model');" . "\n";

if $model contains ANY javascript metacharacters, particularly ', you'll introduce syntax errors and kill the entire <script> block. Never directly output arbitrary text into Javascript context - you're basically vulnerable to the JS equivalent of an SQL injection attack.

At bare minimum, you should be using json_encode() to guarantee that your text is syntactically valid for the context you're using it in:

echo 'availableTags.push(' . json_encode($model) . ");\n";

or better yet... why do all this pushing when youd could just generate an array automatically?

<?php
$data = array();
foreach ($modelList as $model) {
   $data[] = $model;
}
?>
var availableTags = <?php echo json_encode($data); ?>;
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.