JQuery - Loading HTML into textarea

Question

Ok, I have this php variable:

<?php
$htmlstring = '<p>This is a test email<br /><br /><br /></p>
<p><span style="color: #808080; font-size: 12px; font-family: Tahoma,sans-serif;"><strong>Some Text here with an apostophe or image: <br /><img title="Test Img" src="http://somefakeurl.com/img/somefakeimg.gif" alt="test img" width="112" height="59" />';
?>

And I have this below it on my main.php

<textarea name="testload" id="testload"></textarea>

<script language="javascript" type="text/javascript">
$(document).ready(function(){

   $("#testload").val('<?=$htmlstring;?>');

});

This won't display.
However, if I change it to the code below, it'll display:

 $("#testload").val('<?=mysql_real_escape_string($htmlstring);?>');

I feel like I'm bandaiding the process, but perhaps it's fine? (also, I have plans to dynamically load other html into the same textarea, and this is just for testing a single html string)

Answer 1

You don't need to escape it for SQL, but for javascript.

$("#testload").val(<?= json_encode($htmlstring);?>);

Answer 2

If there is no reason as to why you are loading this via jQuery why don't you just do:

<textarea name="testload" id="testload">
    <?php echo htmlspecialchars($htmlstring); ?>
</textarea>