[英]Using '&' in ajax form submit
I am submitting a form using .ajax()
. 我正在使用
.ajax()
提交表单。
The current script contains: 当前脚本包含:
data: dataString,
dataString
contains: dataString
包含:
var list = $('.listsummary').val()
The class listsummary
belongs to a textarea
which users fill in, or will be (partially) filled in dynamically through a different script. listsummary
类属于一个textarea
,用户可以填充该textarea
,或者将通过不同的脚本动态(部分)填充该textarea
。
The problem is that users nearly all of the time use the '&' sign, for example: 问题是用户几乎所有时间都使用“&”符号,例如:
Potato & Patota blah blah blah
This screws up the dataString
allowing to post everything written before the first '&' is found. 这
dataString
了dataString
允许发布在找到第一个“&”之前写的所有内容。
How can I achieve that the var list
will be properly sent to the PHP handler in order to store the entire textarea
content into the database WITH the use of '&'? 我如何实现将var
list
正确发送到PHP处理程序,以便使用'&'将整个textarea
内容存储到数据库中?
You can encode the string with encodeURIComponent() 您可以使用encodeURIComponent()对字符串进行编码
var list = $('.listsummary').val();
var urlEncoded = encodeURIComponent(list);
You have 2 options. 您有2个选择。 Either pack the data as an object:
将数据打包为对象:
data: { list: $('.listsummary').val() }
Or encode the URI components: 或编码URI组件:
var dataString = "list=" + encodeURIComponent($('.listsummary').val());
Welcome to the world of injections. 欢迎来到注射世界。 This is a simple problem, but there are multiple approaches that you can take:
这是一个简单的问题,但是您可以采用多种方法:
If your data is simple unstructured text, you should set contentType to text/plain or application/octet-stream: 如果数据是简单的非结构化文本,则应将contentType设置为text / plain或application / octet-stream:
$.ajax({ .... data: "Hello & world", contentType: "text/plain", ... });
If your data is key values structured, then you should encode your data as application/x-www-form-urlencoded. 如果数据是键值结构化的,则应将数据编码为application / x-www-form-urlencoded。 This can be achieved in JQuery by passing a JavaScript key-value object to data:
这可以在JQuery中通过将JavaScript键值对象传递给数据来实现:
$.ajax({ .... data: { text: "Hello & World", location: "Boston" }, ... });
If your data has more complex structure, you should encode your data in the most appropriate Content Type (eg JSON, XML, CSV) and set contentType to (eg "application/json", "application/xml", "text/csv") 如果您的数据结构更复杂,则应使用最合适的内容类型(例如JSON,XML,CSV)对数据进行编码,并将contentType设置为(例如“ application / json”,“ application / xml”,“ text / csv” )
$.ajax({ .... data: JSON.stringify(["Hello & world", {"Hello & World"}]), contentType: "application/json", ... });
-- -
On the PHP side, if you need to process anything other than application/x-www-form-urlencoded, you'll need to read the request body directly as a string. 在PHP方面,如果您需要处理application / x-www-form-urlencoded以外的任何内容,则需要直接以字符串形式读取请求正文。 Which can be fine with this code:
可以使用以下代码:
$body = file_get_contents('php://input');
Or if you have PECL: 或者,如果您有PECL:
$body = http_get_request_body();
If you use a web framework, they probably also have ways to process custom content types. 如果您使用Web框架,则它们可能也可以使用一些方法来处理自定义内容类型。 Check the documentation of your web framework.
检查您的Web框架的文档。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.