返回带有嵌入 php echo 语句的 html 字符串

发布于 2024-09-12 01:06:11 字数 497 浏览 5 评论 0原文

我试图返回一个 html 字符串，其中包含一些 php 代码，但这样做遇到了一些困难。下面的示例：

return '//bunch of html here
<div id="test">
 <?php 
   if (isset($_COOKIE[\"cannycookie\"]))
   {
      echo "<a class=\"reply\" href=\"#\" id=\"deletelink-'.$d['id'].'\">Delete</a>";
   }
 ?>
</div>';

之前的 html 全部返回完美，但是当它到达 ">Delete";}?> 时，某些内容崩溃并烧毁。 html 在浏览器中呈现如下： Delete\n"; } ?> ，整个 php 源代码都被暴露。我已经尝试阅读其他帖子和有关语句中引用的信息，我已经尽力了，但没有成功，谢谢！

原文

I'm attempting to return a string of html with an some php code within the html and I'm experiencing a bit of difficulty doing so. Example below:

return '//bunch of html here
<div id="test">
 <?php 
   if (isset($_COOKIE[\"cannycookie\"]))
   {
      echo "<a class=\"reply\" href=\"#\" id=\"deletelink-'.$d['id'].'\">Delete</a>";
   }
 ?>
</div>';

The html before this all returns perfectly, but when it gets to the ">Delete</a>";}?> something crashes and burns.
The html renders in the browser like so: Delete\n"; } ?> with the whole php source being exposed. I've tried reading up other posts and information on quotes in statements as such, and I've tried as much as I can, yet to no avail. Any ideers? Thanks!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

情独悲 2024-09-19 01:06:11

php 里面的 php 很奇怪，试试这个：

if (isset($_COOKIE["cannycookie"]))
{
    return '<div id="test">
              <a class="reply" href="#" id="deletelink-'.$d['id'].'">Delete</a>
            </div>';
}
else
{
    return '<div id="test"></div>';
}

php inside php is strange, try this:

if (isset($_COOKIE["cannycookie"]))
{
    return '<div id="test">
              <a class="reply" href="#" id="deletelink-'.$d['id'].'">Delete</a>
            </div>';
}
else
{
    return '<div id="test"></div>';
}

回复收藏 0 原文

方圜几里 2024-09-19 01:06:11

出于理智的目的，不要像这样返回，而是：

$myReturnStatement = htmlentities('whatever you wanted');
return $myReturnStatement;

在接收端，您删除斜杠并将实体解码回合法的 PHP 代码。另外，如果我正确理解我的引号，您可以在单引号内添加双引号，而不必将其删除。这应该可以让你省去头痛。一旦代码被解码为正常的 PHP 代码，只需使用 eval() 作为 PHP 进行评估。

https://www.php.net/manual/en/function.stripslashes。 php
http://php.net/manual/en/function.htmlentities.php
http://www.php.net/manual/en/ function.html-entity-decode.php
http://php.net/manual/en/function.eval.php

Do not return like that for sanity purposes, instead:

$myReturnStatement = htmlentities('whatever you wanted');
return $myReturnStatement;

On the receiving end, you strip slashes and decode the entities back into legitimate PHP code. Also, if I understand my quotes correctly, you can have double quotes inside of single quotes without having to slash them out. This should save you headache. Once the code is decoded into normal PHP code, just use eval() to evaluate as PHP.

https://www.php.net/manual/en/function.stripslashes.php
http://php.net/manual/en/function.htmlentities.php
http://www.php.net/manual/en/function.html-entity-decode.php
http://php.net/manual/en/function.eval.php

回复收藏 0 原文

少年亿悲伤 2024-09-19 01:06:11

不要返回 PHP。它不会起作用，即使它起作用，使用 eval() 等也被认为是有害的（并且是一个严重的安全问题），除非在非常特殊的情况下。

试试这个：

<?php

$retval = '<div id="test"> <!-- whatever you need here -->';
if (isset($_COOKIE["cannycookie"]))
{
  $retval .= '<a class="reply" href="#" id="deletelink-'.$d['id'].'">Delete</a>';
}

return $retval;

?>

Don't return PHP. It won't work, and even if it did, using eval() et al is considered to be harmful (and a serious security issue) except in very specific circumstances.

Try this:

<?php

$retval = '<div id="test"> <!-- whatever you need here -->';
if (isset($_COOKIE["cannycookie"]))
{
  $retval .= '<a class="reply" href="#" id="deletelink-'.$d['id'].'">Delete</a>';
}

return $retval;

?>

回复收藏 0 原文

~没有更多了~