html_entity_decode() 无法正常工作?
编辑:我在发布问题后几秒钟就解决了这个问题(抱歉!),但还不能接受答案。
大家好,
请快速回答一下。我有一个 PHP/CodeIgniter 站点,用户可以编辑他们的个人资料。我正在使用 CI 的 XSS 过滤和基于 Active Record 的模型,因此数据会自动转义。
它自然会在个人资料页面视图上显示良好,例如“我们将看看这是否有效”(we'll 中的撇号)等文本。但是,当用户转到“编辑”页面时,输入框(填充了数据库中的数据)显示:
We'll see if this works
我想我可以通过将输入框的值设置为 html_entity_decode($query->; row('example_database_row')) 但它仍然不起作用。我在这里误解了什么吗?
谢谢!
杰克
EDIT: I solved it seconds after posting the question (sorry!) but can't accept an answer yet.
Hi folks,
Just a quick one. I have a PHP/CodeIgniter site and the user can edit their profile. I'm using CI's XSS Filtering and Active Record-based Models, so the data is escaped automatically.
It naturally displays fine on the profile page view, text such as "We'll see if this works" (the apostrophe in the we'll). However when the user goes to the Edit page, the input box (filled with the data in the DB) displays:
We'll see if this works
I thought I could get around it by setting the value of the input box to html_entity_decode($query->row('example_database_row')) but it still doesn't work. Am I misunderstanding something here?
Thanks!
Jack
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以使用
html_entity_decode($query->row('example_database_row'), ENT_QUOTES)。不过,我建议在将 HTML 编码插入数据库之前不要进行编码。输出的时候编码一下就可以了。最好将原始数据存储在数据库中。
You can use
html_entity_decode($query->row('example_database_row'), ENT_QUOTES).However, I would advise against HTML encoding before you insert it into the database. Just encode it when you output it. It's better just storing the raw data in the database.