如何不在提交按钮值中转义 html 实体?
[英]How to not escape html entities in a submit button value?
问题描述
In my form class I am adding a submit button:
在我的表单类中,我添加了一个提交按钮:
$this->add([
'name' => 'submit',
'attributes' => [
'type' => 'submit',
'value' => 'Login ▹',
],
]);
The output is:输出是:
<input name="submit" type="submit" value="Login &#9657;">
How do I stop the value from being escaped?如何阻止value被转义?
Edit编辑
Based on @RubenButurca answer, here is the output:根据@RubenButurca 的回答,输出如下:
3 个解决方案
解决方案1
1 已采纳 2017-02-15 09:17:53
It felt odd escaping the value of my submit input.逃避我提交输入的价值感觉很奇怪。 When I tried values such as <i class="fa fa-caret-right"></i> it, well, didn't escape the quotes and I ended up with random attributes in my input element.当我尝试使用诸如<i class="fa fa-caret-right"></i>之类的值时,它并没有转义引号,最终在我的输入元素中获得了随机属性。 As such, I've swapped from an input field to a button.因此,我已从输入字段切换到按钮。
$this->add([
'name' => 'submit',
'type' => 'button',
'attributes' => [
'type' => 'submit',
'required' => 'required',
'value' => 'Login <i class="fa fa-caret-right"></i>',
],
'options' => [
'label_options' => [
'disable_html_escape' => true,
],
],
]);
ZendButon requires a label, which I didn't want. ZendButon 需要一个我不想要的标签。 So I extended the view helper to take the label value from the element value ( $buttonContent ).所以我扩展了视图助手以从元素值 ( $buttonContent ) 中获取标签值。 Because there is no label attribute there is no label echoed, but the escaped value is still shown in the button tags.因为没有label属性,所以没有标签回显,但转义值仍然显示在按钮标签中。
FormButton:表单按钮:
use Zend\Form\View\Helper\FormButton as ZendFormButton;
use Zend\Form\ElementInterface;
class FormButton extends ZendFormButton
{
/**
* Invoke helper as functor
*
* Proxies to {@link render()}.
*
* @param ElementInterface|null $element
* @param null|string $buttonContent
* @return string|FormButton
*/
public function __invoke(ElementInterface $element = null, $buttonContent = null)
{
if (!$element) {
return $this;
}
// New code here
if(is_null($buttonContent)) {
$buttonContent = $element->getValue();
}
return $this->render($element, $buttonContent);
}
}
Output:输出:
<button type="submit" name="submit" value="Login <i class="fa fa-caret-right"></i>">Login <i class="fa fa-caret-right"></i></button>
解决方案2
0 2017-02-14 16:08:11
If I understand correctly, you want to display Login ▹如果我理解正确,你想显示登录▹
First of all, your result suggests that you have a function somewhere in the code that replaces the escape characters with their codes.首先,您的结果表明您在代码中的某处有一个函数可以用它们的代码替换转义字符。 Second, after you find that piece of code that replaces & with its code, you might have to write " Login &#9657; " in order to obtain "Login ▹"其次,在找到将&替换为它的代码的那段代码后,您可能需要编写“ Login &#9657; ”才能获得“Login ▹” in your HTML code.在您的 HTML 代码中。
Check your code for a function that replaces special characters with their escape codes.检查您的代码是否有用转义码替换特殊字符的函数。 It's difficult to figure out without knowing how your code ends-up in the browser, what code is calling it on its turn, etc.如果不知道您的代码如何在浏览器中结束,轮到什么代码调用它等,就很难弄清楚。
However I am 100% sure you have a function that takes the value and substitutes the special characters with their escape codes - I found your code here: http://www.w3schools.com/charsets/ref_utf_geometric.asp但是,我 100% 确定您有一个函数可以获取值并用转义码替换特殊字符 - 我在这里找到了您的代码: http : //www.w3schools.com/charsets/ref_utf_geometric.asp
解决方案3
0 2017-02-14 17:07:25
I have had to extend the FormSubmit view helper:我不得不扩展FormSubmit视图助手:
use Zend\Form\ElementInterface;
use Zend\Form\View\Helper\FormSubmit as ZendFormSubmit;
class FormSubmit extends ZendFormSubmit
{
protected $_options;
/**
* Render a form <input> element from the provided $element
*
* @param ElementInterface $element
* @throws Exception\DomainException
* @return string
*/
public function render(ElementInterface $element)
{
$this->_options = $element->getOptions();
return parent::render($element);
}
/**
* Create a string of all attribute/value pairs
*
* Escapes all attribute values
*
* @param array $attributes
* @return string
*/
public function createAttributesString(array $attributes)
{
$attributes = $this->prepareAttributes($attributes);
$escape = $this->getEscapeHtmlHelper();
$escapeAttr = $this->getEscapeHtmlAttrHelper();
$strings = [];
foreach ($attributes as $key => $value) {
$key = strtolower($key);
if (!$value && isset($this->booleanAttributes[$key])) {
// Skip boolean attributes that expect empty string as false value
if ('' === $this->booleanAttributes[$key]['off']) {
continue;
}
}
//check if attribute is translatable
if (isset($this->translatableAttributes[$key]) && !empty($value)) {
if (($translator = $this->getTranslator()) !== null) {
$value = $translator->translate($value, $this->getTranslatorTextDomain());
}
}
if(array_key_exists('disable_html_escape', $this->_options) &&
array_key_exists($key, $this->_options['disable_html_escape']) &&
$this->_options['disable_html_escape'][$key] === TRUE) {
$strings[] = sprintf('%s="%s"', $escape($key), $value);
continue;
}
//@TODO Escape event attributes like AbstractHtmlElement view helper does in htmlAttribs ??
$strings[] = sprintf('%s="%s"', $escape($key), $escapeAttr($value));
}
return implode(' ', $strings);
}
}
This code saves the element options in a protected variable so it can be accessed in the createAttributesString function.此代码将元素选项保存在受保护的变量中,以便可以在createAttributesString函数中访问它。 Inside this function, just before the @todo , I check if the escape html option exists, and if set to true then don't escape the attribute value.在这个函数中,就在@todo之前,我检查转义 html 选项是否存在,如果设置为true则不转义属性值。
Use is:用途是:
$this->add([
'name' => 'submit',
'attributes' => [
'type' => 'submit',
'value' => 'Login ▹',
],
'options' => [
'disable_html_escape' => [
'value' => true,
],
],
]);
I am using an array so that I may select, specifically, which attribute to not escape - in this case value .我正在使用一个数组,以便我可以特别选择哪个属性不转义 - 在这种情况下是value 。
Rendered output is:渲染输出为:
<input type="submit" name="submit" value="Login ▸">
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.