How to escape variables from DB like ${HOST}?
The situation happens when there is some code posted in tags <pre><code>.
If it remains as it is there’s the error
Uncaught ReferenceError: HOST is not defined.
It’s needed in a context where it’s required to use the character ` for enclosure to prevent the error (it’s a multiline content)
Uncaught SyntaxError: '' string literal contains an unescaped line break
The line generating error it’s
e.setContent(escape(`<? echo $getpost["post"]; ?>`));
It gives the same error also by using
htmlspecialchars(addslashes())
Advertisement
Answer
This line:
e.setContent(escape(`<? echo $getpost["post"]; ?>`));
ends in your code as:
e.setContent(escape(`bla bla2 bla3 `));
Because the $getpost[“post”] contained newlines.
And your javascript isn’t happy about the newlines.
Solution?
That depends on what you are trying to achieve, but you have to escape your newline somehow. For example, replace it by n, or NEWLINE and replace it back later.
Hard to say, but the reason for your error is the newline