我不在安装了 PHP 的计算机上,想知道 strip_tags() 对以下文本的结果是什么:
"ipt>警报('哦哦')ipt>"
它会返回:
“<脚本>警报('哦哦')” (即没有意识到通过删除明显的标签它暴露了一个新的标签)
或者
“alert('oh oh')
我知道,如果它返回第一个案例,我可以重复调用该函数,直到取出我输入的内容,但我很好奇。
提前致谢。
I'm away from a computer with PHP installed and was wondering what the result of strip_tags() would be on the following text:
"<scr<h1>ipt>alert('oh oh')</scr</h1>ipt>"
Would it return:
"<script>alert('oh oh')</script>" (i.e. not recognize that by removing the obvious tag it exposed a new one)
or
"alert('oh oh')
I know that if it returns the first case I can just repeatedly call the function until I get out what I put in, but I'm curious.
Thanks in advance.
发布评论
评论(2)
很好的问题。
不,它不会从该字符串中删除任何内容:
输出是您的原始字符串:
ipt>alert('oh oh')ipt>Edit
在第二种情况下它将打印
alert('oh oh'),因此它会一步删除所有看起来像标签的内容Great question.
Nope, it doesn't strip anything from that string:
And the output is your original string:
ipt>alert('oh oh')ipt>Edit
In your second case it will print
alert('oh oh')so it strips all that is looking like a tag in a single step它仅返回:
alert('oh oh')It returns just:
alert('oh oh')