[英]Which Function Substitutes htmlspecialchars() For Arrays?
htmlspecialchars()
哪個函數用htmlspecialchars()
代替了數組? 我正在開發一個小型應用程序,用於將表添加到db,通過html打印它們,並允許通過隱藏的表單按鈕刪除這些表。
?addjoke
錯誤。 錯誤出現在HTML文件的第19行。 我在第19行上方和下方標記了評論標簽。
我還在HTML代碼塊下面附加了PHP Controller,以供參考。
$jokes
數組位於“ // ***** Display DB ***** //”下面。
我只是改變了只選擇一個表兩張表,我不得不改變我的mysqli_fetch_array
從剛剛調用代碼joketext
表(只是打印行)到joketext
和id
( id
刪除joketext
-這導致出現這個問題的功能。 )
所以這段代碼:
while ($row = mysqli_fetch_array($result))
{
$jokes[] = array('id' => $row['id'], 'text' => $row['joketext']); // Changed from just $row['joketext'] to now both tables.
}
迫使我改變:
<p><li><?php echo htmlspecialchars($joke, ENT_QUOTES, 'UTF-8'); ?> -
至:
<p><li><?php echo htmlspecialchars($joke['text'], ENT_QUOTES, 'UTF-8'); ?> -
我知道實際上是一個數組,因為沒有其他方法可以同時調用這兩個數組? 我是新手,所以我不明白為什么htmlspecialchars()
僅可與字符串一起使用...我缺少什么?
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>List of Jokes</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
<link rel="stylesheet" type="text/css" href="http://fonts.googleapis.com/css?family=Slabo+27px">
</head>
<body>
<div id="mainContainer">
<div id="contentContainer">
<div class="headerItem">Here are all the jokes in the database:</div>
<div id="addJoke">+ <a href="?addjoke">Add Joke</a></div>
<ol>
<?php foreach ($jokes as $joke): ?>
// ***** LINE***** 19 //
<form action="?deletejoke" method="post">
// ***** LINE***** 19 //
<p><li><?php echo htmlspecialchars($joke['text'], ENT_QUOTES, 'UTF-8'); ?> -
<input type="hidden" name="id" value="<?php echo $joke['id']; ?>">
<input type="submit" value="Delete"></li></p>
</form>
<?php endforeach; ?>
</ol>
</div>
<div id="footer">
<p><a href="/php/day%207%20code/before/addjoke/">IDJB Home</a> - <a href="?addjoke">Add Joke to IDJB</a> - <a href="#">Sitemap</a></p>
<p>© <?php echo date("Y") ?> Internet Joke Database</p>
</div>
</div>
</body>
</html>
<?php
// ***** MagicQuoteFix ***** //
if (get_magic_quotes_gpc())
{
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);
return $value;
}
$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
// ***** Begin Connection Info ***** //
$connection = mysqli_connect('localhost', 'ijdbuser', 'ijdbpw');
if (!$connection)
{
$error = 'Unable to connect to the database server.';
include 'error.html.php';
exit();
}
if (!mysqli_set_charset($connection, 'utf8'))
{
$output = 'Unable to set database connection encoding.';
include 'output.html.php';
exit();
}
if (!mysqli_select_db($connection, 'ijdb'))
{
$error = 'Unable to locate the joke database.';
include 'error.html.php';
exit();
}
// ***** Display DB ***** //
$result = mysqli_query($connection, 'SELECT id, joketext FROM joke');
if (!$result)
{
$error = 'Error fetching jokes: ' . mysqli_error($connection);
include 'error.html.php';
exit();
}
while ($row = mysqli_fetch_array($result))
{
$jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
}
if (isset($_GET['addjoke'])) {}
else
{
include 'jokes.html.php';
}
//
// ***** Begin Add/Remove DB Options ***** //
if (isset($_GET['addjoke']))
{
include 'form.html.php';
exit();
}
if (isset($_GET['deletejoke']))
{
$id = mysqli_real_escape_string($connection, $_POST['id']);
$sql = "DELETE FROM joke WHERE id='$id'";
if (!mysqli_query($connection, $sql))
{
$error = 'Error deleting joke: ' . mysqli_error($connection);
include 'error.html.php';
exit();
}
//header('Location: .');
exit();
}
if (isset($_POST['joketext']))
{
$joketext = mysqli_real_escape_string($connection, $_POST['joketext']);
$sql = 'INSERT INTO joke SET
joketext="' . $_POST['joketext'] . '",
jokedate=CURDATE()';
if (!mysqli_query($connection, $sql))
{
$error = 'Error adding submitted joke: ' . mysqli_error($connection);
include 'error.html.php';
exit();
}
header('Location: .');
exit();
}
?>
我意識到我的某些代碼是舊的或折舊的。 我從一本較舊的書開始學習,我認為在轉向更高級的OOP編程之前,我將針對較舊的應用程序來完成此工作。
感謝您幫助我學習。
我是新手,所以我不明白為什么htmlspecialchars()僅可與字符串一起使用...我缺少什么?
您必須遍歷數組並轉義其中的字符串:
foreach($arr as &$v)
$v = htmlspecialchars($v);
現在,您已對數組中的每個值進行了轉義。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.