[英]Htmlspecialchars ENT_NOQUOTES not working?
I'm trying to output the name of a project ie "David's Project" in a form, if a user does not correctly input all data in the form, to save the user having to input the name again. 如果用户未正确输入表单中的所有数据,我将尝试以表单形式输出项目的名称,即“ David's Project”,以节省用户不得不再次输入名称的麻烦。
If I var_dump $name I see David's project. 如果我var_dump $ name我看到了大卫的项目。 But if I echo $name I see David"'" Project.
但是,如果我回显$ name,我会看到David“&#39”项目。 I realise that ' (single quote) becomes "'";
我意识到'(单引号)变为“&#039”; but I have tried using ENT_NOQUOTES and ENT_COMPAT to avoid encoding the single quote but neither works.
但我尝试使用ENT_NOQUOTES和ENT_COMPAT来避免对单引号进行编码,但均无效。
$name = trim(filter_input(INPUT_POST, 'name0', FILTER_SANITIZE_STRING));
<form method="post" class="form" />
Title: <input type="text" name="name0" value="<?php echo
htmlspecialchars($name, ENT_NOQUOTES); ?>">
Am I doing something wrong or should the ENT_NOQUOTES work? 我是在做错什么,还是ENT_NOQUOTES应该工作? I tried using str_replace to replace with ' with an \\' but this didn't work either.
我尝试使用str_replace替换为'带\\',但这也不起作用。
The only way round this I have found is to use this: 我发现的唯一方法是使用此方法:
htmlspecialchars_decode(htmlspecialchars($name, ENT_NOQUOTES));
Is that acceptable? 可以接受吗?
Sorry I realise this is probably a really stupid question but I just can't get my head around it. 抱歉,我意识到这可能是一个非常愚蠢的问题,但我始终无法解决。
Thanks for any replies. 感谢您的任何答复。
You can accept a simple answer if it solves your problem BUT you should really understand that what you have delved into is a much larger issue you or someone has created for you. 如果它可以解决您的问题,您可以接受一个简单的答案,但是您应该真正了解,您所研究的问题是您自己或某人为您创建的一个更大的问题。
My suggestion, if possible, is to fix your INSERT code first so it isn't html encoding data. 我的建议是,如果可能的话,请先修复您的INSERT代码,以便它不是html编码数据。 This html encoding should happen when you output the data TO AN HTML FORMAT.
当您将数据输出到HTML格式时,应该发生这种html编码。 You would use
htmlspecialchars()
to do this. 您将使用
htmlspecialchars()
进行此操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.