Hi!

I've been trying to add HTML attributes to table rows. The attributes are for JavaScript events handling, i.e. onclick, onmouseover, etc.

The problem appears when I want to assign a JavaScript function to treat the event. So if I use somehing like:
onclick="function('param', val1, val2)" the single-quotes around my firmst param get HTML escaped, because of the chain of functions that affects each of the attribute I pass:
theme() - theme_table() - drupal_attributes() -check_plain() - htmlspecialchars() .

There seems no obvoius way to avoid this. So how to you guys cope with this?

Alexander Ciobanu

Comments

Steven’s picture

Entities should not affect the parsing and processing of JavaScript as far as I know. If they do then the browser is broken. Have you tried double quotes?

--
If you have a problem, please search before posting a question.