PHP/jQuery to submit/save input with all special characters value
Question
Example..
HTML :
<input type="hidden" value="">
PHP :
<input type="hidden" value="<?php echo $value;?>">
jQuery :
$("input:hidden").val(text);
If text (JS variable) is free text, All html special characters allowed (like single quote / double quote) and save to input:hidden (so submit by PHP)
What is a correctly way to do ?
May I use
echo htmlentities($value); ... in PHP
or replace quotes in jQuery like .val(text.replace(/'/g,"'"))
or what ?
PS : Please think about when I set value to input to save value with jQuery too.
2 answers
solution1
3 ACCPTED 2013-04-05 08:19:37
Converting to htmlentities should work fine.
You can also use strip_tags if you want to remove all HTML tags :
Note: this will NOT stop all XSS attacks
solution2
1 2013-04-05 08:18:02
If you want to echo a PHP variable into some HTML, use:
<input type="hidden" value="<?php echo htmlspecialchars($value); ?>">
http://php.net/manual/en/function.htmlspecialchars.php
If you want to echo a PHP variable into some JavaScript, use:
<?php echo json_encode($value); ?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.