How to take html markup from a string and escape it to work within a script?
- by zac
I am using wordpress as a CMS and trying to allow user fields to be input to populate the info windows in a Google Map script. I am using this to select the id and pull in the content from a custom field :
$post_id = 222;
$my_post = get_post($post_id);
$snip = get_post_meta($post_id, 'custom-field', true);
$permalink = get_permalink( $post_id );
$pass_to = '<div class="content">'.$snip.'</div><div class="moreLink"><a href="'.$permalink.'">Find out more » </a></div></div>';
var point = new GLatLng('<?php echo $lat; $lat; ?>','<?php echo $long; $long; ?>');
var marker = createMarker(point,"<?php echo $mapTitle; $mapTitle; ?>", '<?php echo $pass_to; ?>')
map.addOverlay(marker);
It works fine unless there is any html in the custom-field which breaks the script.
I looked at htmlspcialchar and htmlentities but rather than strip everything out I would like to have it escaped so it still works and the html is intact. Any suggestions? I am pretty new to PHP and would really appreciate any pointers.