[英]Cannot pass variable with apostrophe in “a href” link
I select a list of names from mysqli database then display row details in display.php with if (isset($_GET['name']));我 select 来自 mysqli 数据库的名称列表,然后在 display.php 中显示行详细信息 if (isset($_GET['name'])); The link is
链接是
$str = strtoupper($str);
echo "<tr><td><a href='php/display.php?name=$str'>$str</a></td></tr>";
This executes correctly unless name contains '(apostrophe).除非名称包含'(撇号),否则这将正确执行。
For instance $str
(as input/click) shows as L'ECLIPSE
but the <a>
link only L'
The result in display.php is 'No data found for your request'例如
$str
(作为输入/点击)显示为L'ECLIPSE
但<a>
链接仅L'
display.php 中的结果是 'No data found for your request'
I have found exact same queries on this site but none of the answers have resolved my problem.我在这个网站上找到了完全相同的查询,但没有一个答案能解决我的问题。 Perhaps I am not implementing correctly.
也许我没有正确实施。 I assume this is about escaping.
我假设这大约是 escaping。 But I know little about it.
但我对此知之甚少。
<?php
$str = strtoupper($str);
echo "<tr><td><a href='php/display.php?name=".urlencode($str)."'>$str</a></td></tr>";
urlencode() the string first. urlencode()首先是字符串。 So you don't get this kind of problems.
所以你不会遇到这种问题。
<?php
$str = strtoupper($str);
echo "<tr><td><a href='php/display.php?name=".$str."'>$str</a></td></tr>";
Try this code.试试这个代码。
<?php
$str = strtoupper($str);
echo "<tr><td><a href='php/display.php?
name=".htmlspecialchars($str)."'>$str</a></td></tr>";
?>
Your Single quote becomes '你的单引号变成 '
I hope it will help我希望它会有所帮助
You have to use htmlspecialchars($str)
你必须使用
htmlspecialchars($str)
What it does is it switches all special characters to their respective html equivalent它的作用是将所有特殊字符切换到它们各自的 html 等效字符
for example:例如:
' -> '
" -> "
and so on.等等。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.