duangong1979 2011-08-09 07:08
浏览 26
已采纳

PHP生成JavaScript onClick,带有php数组,引用问题

echo '<a onClick="articleDeleteConfirm("'.
      $row["title_$lang"].'","'.$_GET["editPage"]).'">';

The main problem is with: $row["title_$lang"], i have to use $lang variable inside. " and ' just not enough.

  • 写回答

2条回答 默认 最新

  • dongpo1846 2011-08-09 07:20
    关注

    The problem you describe actually has nothing to do with your PHP variables, those are all being output as expected. The problem is that you need to escape the " inside of the <a> and you've misplaced a ).

    Your original would output:

    <a onClick="articleDeleteConfirm("value1","value2">

    That is not valid HTML (even the highlighter dislikes it). Now, notice the \'s in the following (and that the paren was moved into the string).

    echo '<a onClick="articleDeleteConfirm(\''
     .$row["title_".$lang."].'\',\''.$_GET["editPage"].'\')">';

    The escaped version outputs:

    <a onClick="articleDeleteConfirm('value1','value2')">

    It uses single quotes inside of double quotes to provide easy to read (and valid) html. Now, you have another issue with your code.

    Any time you output a $_REQUEST variable to the browser, you risk something called cross-site-scripting. Someone could put JavaScript into $_GET["editPage"] and it would smell bad. The easy way to avoid it? Use htmlentities($_GET["editPage"])

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥30 Unity接入微信SDK 无法开启摄像头
  • ¥20 有偿 写代码 要用特定的软件anaconda 里的jvpyter 用python3写
  • ¥20 cad图纸,chx-3六轴码垛机器人
  • ¥15 移动摄像头专网需要解vlan
  • ¥20 access多表提取相同字段数据并合并
  • ¥20 基于MSP430f5529的MPU6050驱动,求出欧拉角
  • ¥20 Java-Oj-桌布的计算
  • ¥15 powerbuilder中的datawindow数据整合到新的DataWindow
  • ¥20 有人知道这种图怎么画吗?
  • ¥15 pyqt6如何引用qrc文件加载里面的的资源