Please help: quotes in views

Going into the Rails console, perhaps you can see what is happening:

Loading development environment (Rails 3.1.3)
1.9.3p194 :001 > qc = '"'
=> "\""

(the next line loads up the ERB utilities, including html_escape)

1.9.3p194 :002 > include ERB::Util
=> Object

(Just calling the function is like html_escape(qc).inspect)

1.9.3p194 :003 > html_escape(qc)
=> """

(To be more like what is happening in your erb file, let's print it)

1.9.3p194 :005 > puts html_escape(qc)
"
=> nil

So seeing that, it's probably obvious why your call with .inspect
worked -- it emitted the double quote marks around the content, which
is one of the things .inspect does.

But to just put it into the erb file embedded in html, all you should
need to do is:

<input type='hidden' name='quote_char' value='<%= html_escape(@quote_char) %>' >

Thank you! I just had a couple of questions:

How should we approach the problem is the tab character is to be included in the string. For example,

<% c = ‘\t’ %>

just shows the tab as a space.

Also, shouldn’t Rails helper tags use single quotes since they work in both cases:

<% c1 = “’” %>

<input type=‘hidden’, name=‘char1’ value=’<%= html_escape(c1) %>’>

<% c2 = ‘"’ %>

<input type=‘hidden’, name=‘char2’ value=’<%= html_escape(c2) %>’>

Thanks! I really appreciate the discussion.

How should we approach the problem is the tab character is to be included in
the string. For example,

<% c = '\t' %>
<input type='hidden' name='char' value='<%=html_escape(c) %>' >
just shows the tab as a space.

The tab char (\t) is not converted by html_escapes() as far as I know;
if you want to make it an HTML-ish entity, you're probably going to
have to encode that yourself (it's &#0011; , btw). Even so, I'm not
sure what the value of that would be, as it doesn't actually seem to
fill up any space in an input text box.

Also, shouldn't Rails helper tags use single quotes since they work in both
cases:
<% c1 = "'" %>
<input type='hidden', name='char1' value='<%= html_escape(c1) %>'>

<% c2 = '"' %>
<input type='hidden', name='char2' value='<%= html_escape(c2) %>'>

In both cases, the characters c1 and c2 are being converted to HTML
entities, &apos; and &quot; respectively, and no longer contain and
sort of "quoteness" (if you'll permit) in the HTML context they get
rendered in.

I'm not about to say anything regarding which quoting should be
policy; in fact I'll argue strenuously against any such policy.

Thanks! I really appreciate the discussion.

My pleasure!