Does JavaScript have a built-in function like PHP's addslashes [or addcslashes] function to add backslashes to characters that need escaping in a string?
For example, this:
This is a demo string with 'single-quotes' and "double-quotes".
...would become:
This is a demo string with \'single-quotes\' and \"double-quotes\".
asked Apr 20, 2009 at 23:50
Steve HarrisonSteve Harrison
115k15 gold badges85 silver badges71 bronze badges
6
You can also try this for the double quotes:
JSON.stringify[sDemoString].slice[1, -1];
JSON.stringify['my string with "quotes"'].slice[1, -1];
Knu
14.6k5 gold badges56 silver badges88 bronze badges
answered Apr 3, 2014 at 12:30
9
A variation of the function provided by Paolo Bergantino that works directly on String:
String.prototype.addSlashes = function[]
{
//no need to do [str+''] anymore because 'this' can only be a string
return this.replace[/[\\"']/g, '\\$&'].replace[/\u0000/g, '\\0'];
}
By adding the code above in your library you will be able to do:
var test = "hello single ' double \" and slash \\ yippie";
alert[test.addSlashes[]];
EDIT:
Following suggestions in the comments, whoever is concerned about conflicts amongst JavaScript libraries can add the following code:
if[!String.prototype.addSlashes]
{
String.prototype.addSlashes = function[]...
}
else
alert["Warning: String.addSlashes has already been declared elsewhere."];
SharpC
6,4284 gold badges43 silver badges39 bronze badges
answered Mar 31, 2010 at 18:51
Marco DemaioMarco Demaio
32.7k33 gold badges126 silver badges157 bronze badges
4
You can also use this
let str = "hello single ' double \" and slash \\ yippie";
let escapeStr = escape[str];
document.write["str : "+str];
document.write["
escapeStr : "+escapeStr];
document.write["
unEscapeStr : "+unescape[escapeStr]];answered Dec 30, 2020 at 13:23
1
Deprecated: This feature is no longer recommended. Though some browsers might still support it, it may have already been removed from the relevant web standards, may be in the process of being dropped, or may only be kept for compatibility purposes. Avoid using it, and update existing code if possible; see the
compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time. Warning: Although … All of the language features and behaviors specified in this annex have one or more undesirable characteristics and in the absence of legacy usage would be removed from this specification. … … Programmers should not use or assume the existence of these features and behaviors when writing new
ECMAScript code. … escape[] is not strictly deprecated [as in "removed from the Web standards"], it is defined in
Annex B of the ECMA-262 standard, whose introduction states:
The escape[] function computes a new string in which certain characters have been replaced by a hexadecimal escape sequence.
Note: This function was used mostly for URL queries [the part of a URL following ?]—not for escaping ordinary String literals, which use the format \xHH. [HH are two hexadecimal digits, and the form \xHH\xHH is used for higher-plane Unicode
characters.]
Escaped characters in String literals can be expanded by replacing the \x with %, then using the decodeURIComponent[] function.
Syntax
Parameters
str
A string to be encoded.
Return value
A new string in which certain characters have been escaped.
Description
The escape function is a property of the global object. Special characters are encoded with the exception of: @*_+-./
The hexadecimal form for
characters, whose code unit value is 0xFF or less, is a two-digit escape sequence: %xx. For characters with a greater code unit, the four-digit format %uxxxx is used.
Examples
Using escape
escape['abc123']; // "abc123"
escape['äöü']; // "%E4%F6%FC"
escape['ć']; // "%u0107"
// special characters
escape['@*_+-./']; // "@*_+-./"
Specifications
| ECMAScript Language Specification # sec-escape-string |
Browser compatibility
BCD tables only load in the browser