[英]Why aren't my htmlspecialchars and str_replace not working?
For my example, please visit http://jflaugher.mystudentsite.net/cmweb241/cmweb241_lab2.html 我的例子,请访问http://jflaugher.mystudentsite.net/cmweb241/cmweb241_lab2.html
I am just needing the htmlspecialchars to work and the str_replace function to remove double and single quotes. 我只需要htmlspecialchars工作,str_replace函数删除双引号和单引号。 Why isn't this working for me?
为什么这不适合我? I am very new to PHP :/
我是PHP新手:/
<?php
$username = str_replace(array("'", "\""), "", htmlspecialchars($_POST['username']));
$password = str_replace(array("'", "\""), "", htmlspecialchars($_POST['password']));
$comment = str_replace(array("'", "\""), "", htmlspecialchars($_POST['comment']));
echo " <p>Your Username is: $username . </p>";
echo " <p>Your Password is: $password . </p>";
echo " <p>Your Comment was: $comment . </p>";
?>
按照Alex Lunix指定的相反顺序使用它
$username = htmlspecialchars(str_replace(array("'", "\""), "", $_POST['username']));
The previous answer is correct. 以前的答案是正确的。
You apply first htmlspecialchars function. 您应用第一个htmlspecialchars函数。 It converts every double quote to "
它将每个双引号转换为“ and every single quote to '.
并且每一个引用都是&#039;。 These special characters are shown in a web browser as double and single quotes respectively.
这些特殊字符在Web浏览器中分别显示为双引号和单引号。
You should apply first str_replace. 您应该首先应用str_replace。 The code below is correct:
以下代码是正确的:
<?php
foreach(array('comment', 'password', 'username') as $key) {
$$key = empty($_POST[$key]) ? null : htmlspecialchars(str_replace(array("'", '"'), '', $_POST[$key]));
echo " <p>Your " . $key. " is: " . $$key . "</p>";
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.