PHP 生成的 javascript 和引号
我在 PHP 代码中生成一些 javascript,并且需要将一些 php 变量分配给 javascript 变量。不幸的是,有时我的 PHP 变量包含引号。例如:
$foo = "'Dis here be a \"string\"";
print "<script type='text/javascript'>var foo = '{$foo}';</script>";
将生成一个 javascript 错误,因为生成的 javascript 将如下所示:
<script type='text/javascript'>var foo = '"'Dis here be a \"string\"';
我知道我可以在 $foo 上使用 regexp 将所有 ' 标记替换为 \' 但这由于各种原因很难。除此之外我还能做些什么吗?类似于 perl q() 函数的东西......
I'm generating some javascript in my PHP code, and I need to assign some php variables to javascript variables. Unfortunately, sometimes my PHP variables contain quote marks. for instance:
$foo = "'Dis here be a \"string\"";
print "<script type='text/javascript'>var foo = '{$foo}';</script>";
will generate a javascript error because the resulting javascript will look like this:
<script type='text/javascript'>var foo = '"'Dis here be a \"string\"';
I know I can use regexp on $foo to replace all ' marks with \' but this is hard for various reasons. Is there anything I can do short of that? Something akin to the perl q() function...
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
尝试这样做吗?
请参阅:http://php.net/manual/en/function.addslashes.php
Tried doing this?
See: http://php.net/manual/en/function.addslashes.php
我使用 json_encode()。
https://www.php.net/manual/en/function。 json-encode.php
I use json_encode().
https://www.php.net/manual/en/function.json-encode.php
这应该是朝着正确方向迈出的一步:
This should be a step in the right direction:
你确定吗?不是吗:
为了防止双'尝试:
或者
Are you sure? Isn't it:
In order to prevent the double ' try:
or
还值得注意的是,您可以将 PHP 文件用作 JavaScript 文件
,并且您可以在该文件中执行 PHP 代码,也可以通过 PHP 的回显来输出 JavaScript 代码。
It's also worth noting that you can use a PHP file as a JavaScript file
And you're able to execute PHP code in that file, as well as output JavaScript code by echoing from PHP.
由于您在 JavaScript 中使用最终值,因此我将使用 json_encode:
它将正确输出:
注意,我没有在 json_encode 函数周围添加一组额外的引号。它会自动添加必要的引号以使其成为有效的 JavaScript 字符串。
Since you are using the final value in JavaScript, I would use
json_encode:And it will correctly output:
Notice I didn't put an extra set of quotes around the
json_encodefunction. It will add the necessary quotes to make it a valid JavaScript string automatically.Frank Farmer 的答案很有趣,但它转义了一些不需要转义的东西,比如选项卡。
试试这个片段,它工作得很好:
由于我总是在 PHP 脚本中连接到数据库,将文本直接传递到 Javascript 字符串中,所以我依靠 real_escape_string 来完成我的肮脏工作。 addslashes() 不处理换行符,这些换行符有时会潜入我传递给 Javascript 的字符串中。
一个简单的
$sql->real_escape_string($string)就可以让一切变得更好,将数据库输出的任何内容转义为 JavaScript 友好的形式。Frank Farmer's answer is interesting, but it's escaping some things that don't need to be escaped, like tabs.
Try this snippet, it works just fine:
Since I'm always connected to a database in my PHP scripts that pass text directly into Javascript strings, I lean on real_escape_string to do my dirty work. addslashes() doesn't handle newlines and those sometimes sneak into strings I'm passing on to Javascript.
A simple
$sql->real_escape_string($string)makes it all better, escaping whatever the database spits out into a Javascript-friendly form.