Try this:

尝试这个：

<?php $htmlString= 'testing'; ?>
<html>
  <body>
    <script type="text/javascript">  
      // notice the quotes around the ?php tag         
      var htmlString="<?php echo $htmlString; ?>";
      alert(htmlString);
    </script>
  </body>
</html>

When you run into problems like this one, a good idea is to check your browser for JavaScript errors. Different browsers have different ways of showing this, but look for a javascript console or something like that. Also, check the source of your page as viewed by the browser.

当您遇到这样的问题时，一个好主意是检查您的浏览器是否存在 JavaScript 错误。不同的浏览器有不同的显示方式，但请寻找 javascript 控制台或类似的东西。此外，请检查浏览器查看的页面来源。

Sometimes beginners are confused about the quotes in the string: In the PHP part, you assigned 'testing'to $htmlString. This puts a string value inside that variable, but the value does not have the quotes in it: They are just for the interpreter, so he knows: oh, now comes a string literal.

有时初学者会对字符串中的引号感到困惑：在 PHP 部分，您分配'testing'给$htmlString. 这将一个字符串值放入该变量中，但该值中没有引号：它们仅用于解释器，所以他知道：哦，现在是字符串文字。

You're missing quotes around your string:

您的字符串周围缺少引号：

...
var htmlString="<?php echo $htmlString; ?>";
...

All the explanations above doesn't work if you work with .js files. If you want to parse PHP into .js files, you have to make changes on your server by modfiying the .htaccess in which the .js files reside using the following commands:

如果您使用 .js 文件，上面的所有解释都不起作用。如果要将 PHP 解析为 .js 文件，则必须使用以下命令修改 .js 文件所在的 .htaccess 在服务器上进行更改：

<FilesMatch "\.(js)$">
    AddHandler application/x-httpd-php .js
</FilesMatch>

Then, a file test.js files containing the following code will execute .JS on client side with the parsed PHP on server-side:

然后，包含以下代码的文件 test.js 文件将在客户端执行 .JS 并在服务器端解析 PHP：

<html>
<head>
<script>
function myFunction(){
   alert("Hello World!");
}
</script>
</head>
<body>
<button onclick="myFunction()"><?php echo "My button";?></button>
</body>
</html>

The only proper way to put server side data into generated javascript code:

将服务器端数据放入生成的 javascript 代码的唯一正确方法：

<?php $jsString= 'testing'; ?>
<html>
  <body>
    <script type="text/javascript">      
      var jsStringFromPhp=<?php echo json_encode($jsString); ?>;
      alert(jsStringFromPhp);
    </script>
  </body>
</html>

With simple quotes the content of your variable is not escaped against HTML and javascript, so it is vulnerable by XSS attacks...

使用简单的引号，您的变量内容不会针对 HTML 和 javascript 进行转义，因此它很容易受到 XSS 攻击...

For similar reasons I recommend to use document.createTextNode()instead of setting the innerHTML. Ofc. it is slower, but more secure...

出于类似的原因，我建议使用document.createTextNode()而不是设置innerHTML. 办公室 它更慢，但更安全......

you need quotes around the string in javascript

你需要在 javascript 中的字符串周围加上引号

var htmlString="<?php echo $htmlString; ?>";

As others have pointed out you need the quotes, but I just want to point out that there's a shorthand method of writing this same line of code

正如其他人指出的那样，您需要引号，但我只想指出，有一种编写同一行代码的速记方法

var htmlString="<?=$htmlString?>";

See you can leave out the "php echo" stuff and replace it with a simple "=".

看你可以省去“php echo”的东西，用一个简单的“=”代替它。