Hi and for the past 4 days, I have been trying to make a secure spam-proof blog with no login. I manage to embed a lot into a demo but the following code I know works (as I have made it work on my forum login) but has an error with the quotation marks. I know exactly why but don't have a clue on how to solve it. The code contains php, javascript and html but it is the php which has the quotation problems. So the code is:

$cform = "<script type='text/javascript'>
<!--
function doubleSubmit(f)
{  
    // submit to action in form
    f.submit();

    // set second action and submit
    f.action='index.php?act=addcomment';
    f.submit();
    return false;
}
//-->
</script> <form action='$ip=$_SERVER[REMOTE_ADDR];
  $file=file_get_contents('ipLog.txt');
  if(substr_count($file, comment.' '.$ip)==0) {
  $file.='\n' . comment.' '.$ip;
  }
  file_put_contents('ipLog.txt', $file);
  $total=substr_count($file, '\n');' method='post' onsubmit='doubleSubmit(this)'>"

And it goes further on but that is the main part to be focused on. On the first line you will see
$cform = "
In that line you will notice a quotation mark. That quotation mark needs to surround everything related to that variable so it can be used later on. But that uses one type of quotation. Then you will see an action= event. This also needs to be surrounded in quotation marks. But when it comes to adding the quotation marks for the strings in the action event, I have nothing left to use. So basically a third type of quotation mark is needed.
I have tried using brackets and removing some quotation marks to try and reduce the number of quotation marks needed but has not been successful. So does anyone have a clue on how to have a third quotation mark or how to reduce the number of types needed. Although I am new to php I am understanding it very well. Any help would be appreciated.
Thanks

just escape the quotation marks you will need inside the first quotation mark:

$x="this \" is a quote";
echo $x;

I have just tried your example but when I use the \", it skips the rest of the values in the variable. So it acted like a close quotation. Is there more to the example than just placing the \" after the action= or is there something I'm missing.

Sorry about the double post but I can't find the edit button.

I have found that it is impossible to do what I have asked. That is because there is only two quotation types and the computer gets confused when using a quotation type inside the same type of quotation type. However, it is possible to make this script record the info into a text file. It just needs to be placed in a different area. The script I provided in the first post is designed so that when the submit button is pressed, everything happens.

So what you need to do is make the 'comment' variable carry into the next page. Then when the new page loads (the redirect from pressing the button), you need to include in the header of the page the script that records into the text file and to get the variable 'comment' which has been carried into the next page. So basically, you can not have everything happens when clicking the button. In my case, I needed the script to be in the header of the next page with the variable carried to the next page. If you are having the same problem and don't understand this post then just pm me.

You can use the heredoc for that:

$cforms = <<<uniquestring

any html you like here - any at all $variable are evaluated just like double quotes


uniquestring;

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.