JavaScript函数参数中的单引号转义 [英] Single quote escape in JavaScript function parameters
问题描述
我需要在JavaScript函数参数中转义单引号以避免这种情况:
I need to escape single quotes in JavaScript function parameters to avoid this:
onclick="Javascript:INSERT_PRODUCT('188267','WILL AND GRACE','32311','L'ANNIVERSARIO DINOZZE ','20101113|04|18|','13/11/2010 0.00.00','CANALE 5 ',this);"
但我需要在函数调用中转义它们,因为我不知道将传递的值(db变量我无法从数据库中转义)。
But I need to escape them inside a function call since I do not know the values that will be passed (db variables I can't escape from the database).
是否有一个允许我执行以下操作的函数?
Is there a function that allows me to do something like the following?
onclick="Javascript:function(escape(param1), escape(param2), escape(param3));"
推荐答案
JSON.stringify(plainTextStr).replace(/&/, "&").replace(/"/g, """)
将生成一个字符串,您可以安全地嵌入一个带引号的属性中,当JavaScript解释器看到它时具有相同的含义。
will produce a string you can safely embed in a quoted attribute and which will have the same meaning when seen by the JavaScript interpreter.
唯一需要注意的是一些 Unicode 换行符(U + 2028和U + 2029),但JSON只需要 \ r
和 \ n
可以转义。
The only caveat is that some Unicode newlines (U+2028 and U+2029) need to be escaped before being embedded in JavaScript string literals, but JSON only requires that \r
and \n
be escaped.
这篇关于JavaScript函数参数中的单引号转义的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!