禁止从php include对HTML文件执行PHP脚本执行
[英]Disable PHP script execution on HTML file from a php include
问题描述
I want to display html file content in php file script without execute any php script from html file. 
我想在php文件脚本中显示html文件内容,而无需从html文件执行任何php脚本。 It's for security reason. 这是出于安全原因。
Files :
|_ content
| |_page.html
|_page.php
page.php content : page.php内容:
<div>
<span>
<?php include('content/page.html'); ?>
</span>
</div>
page.html content : page.html内容:
<b>Titre :</b> hello world.
<?php echo "[php execution]"; ?>
When I open the page.html I see: 当我打开page.html时,我看到:
Titre : hello world.
when I open the page.php I see: 当我打开page.php时,我看到:
Titre : hello world.[php execution]
I don't want to execute any php script on the page.html because the user can change the content. 我不想在page.html上执行任何php脚本,因为用户可以更改内容。 I would like to include only the html content and disable all php script execution. 我只想包含html内容,并禁用所有php脚本执行。
1 个解决方案
解决方案1
5 已采纳 2014-04-03 13:05:50
include will always exclude PHP code, but you can get round this by reading and echoing the file instead: include将始终排除PHP代码,但是您可以通过读取并回显该文件来解决此问题:
<div>
<span>
<?php echo file_get_contents('content/page.html'); ?>
</span>
</div>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.