doushan9415 2014-05-15 23:03

Allow a mixture of " and ' in a PHP string without closing the variable [duplicate]

This question already has an answer here:

I am allowing users to submit data into my website.

This data will more than likely contain HTML markup generated by forums. The problem is, some forums use "" for some attributes and then use '' for others.

If the user enters this, it will break my PHP code as I assign this entered text to a variable.

I am using HTMLPurifier on this string.

Is there a way to allow a mixture of "' inside a PHP string?

e.g:

$text = "This is an image <img src='imagelink' alt="imagetext">";

Wouldn't work. But it's what I receive sometimes.

Whilst I'm at it, what is the correct term for " & ' when giving a value to an attribute?

Craig.


  • dongshuohuan5291 2014-05-15 23:05

    You can delimit the quotes inside the variable like this:

    $text = "This is an image <img src='imagelink' alt=\"imagetext\">";
    

    Which will then do what you need.

    I am not sure how this HTMLPurifier thingy works, but with this delimiting trick up your sleeve, I am confident that you can find a way to stop folks breaking your variables :)

    Edit: As for your little additional question:

    Whilst I'm at it, what is the correct term for " & ' when giving a value to an attribute?

    I think you are referring to passing by reference. It means when you pass a variable to a function, you aren't just passing its value, but the actual variable itself which can be modified and then returned.

    <?php
    function foo(&$var)
    {
        $var++;
    }
    
    $a=5;
    foo($a);
    // $a is 6 here
    ?>
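
The point at issue, as an added example that is not part of the original question or answer: quote characters only need escaping inside a PHP source literal, while text arriving in a request is already a string value, so the work that remains is sanitizing and output-escaping it. It assumes HTMLPurifier is installed through Composer; the form field name `text`, the helper name `sanitizeForumMarkup` and the sample markup are constructed for illustration.

```php
<?php
// Added example; the sample markup is constructed, not taken from a real forum.
// Assumption: HTMLPurifier is installed via Composer (package ezyang/htmlpurifier).
require_once __DIR__ . '/vendor/autoload.php';

/**
 * Hypothetical helper: reduce user-submitted forum markup to an allow-list.
 * The quotes inside $raw need no escaping: it is a runtime value, not source code.
 */
function sanitizeForumMarkup(string $raw): string
{
    // Reject input that is not valid UTF-8 before handing it to the purifier.
    if (!mb_check_encoding($raw, 'UTF-8')) {
        throw new InvalidArgumentException('Submitted text is not valid UTF-8');
    }
    $config = HTMLPurifier_Config::createDefault();
    // Allow only the tags and attributes the site intends to render.
    $config->set('HTML.Allowed', 'p,br,b,i,a[href],img[src|alt]');
    // Skip the on-disk definition cache so no writable directory is needed.
    $config->set('Cache.DefinitionImpl', null);
    return (new HTMLPurifier($config))->purify($raw);
}

// In source code, a nowdoc holds both quote styles without any escaping.
// It stands in here for what a user would paste into the form.
$sample = <<<'HTML'
This is an image <img src='imagelink' alt="imagetext" onclick="doSomething()">
HTML;

// Request data arrives as a string value; fall back to the sample on the CLI.
$submitted = isset($_POST['text']) && is_string($_POST['text'])
    ? $_POST['text']
    : $sample;

// Rendered as HTML: markup outside the allow-list (the onclick handler) is removed.
echo sanitizeForumMarkup($submitted), PHP_EOL;

// Rendered as plain text or inside an attribute value: escape both quote styles.
echo htmlspecialchars($submitted, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), PHP_EOL;
```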
    