我怎样才能base64_en code和base64_de code字符串html标签? [英] How can I base64_encode and base64_decode string with html tags?

查看:313
本文介绍了我怎样才能base64_en code和base64_de code字符串html标签?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有去的base64 code的一个问题
例如,我有这个code:

I have a problem with base64 decode For example, I have this code:

else if($_POST['submit']==2){
        $send = base64_encode($text_success);
        wp_redirect( home_url('/sales-funnel/add-product?msg='.$send) ); exit;
    }

我送带codeD字符串页面,因此用户不能简单的从URL中读取它。
$ text_success包含HTML code,这是产生,如果 $ wpdb->查询不包含错误:

 `Darījums veiksmīgi pievienots!</br>Komentārs veiksmīgi pievienots!</br>Klients veiksmīgi pievienots!</br>Fāze ir pievienota! </br>`

在所有在线base64_de code它的伟大工程,但我的字preSS现场返回时,我试图做的空字​​符串:

In all online base64_decode it's works great, but my WordPress site return empty string when I'm trying to do:

if (isset($_GET['msg']) && !empty($_GET['msg'])){
    $text = base64_decode($_GET['msg']);
    echo $text;
}

但是, $ _ GET ['味精'] = RGFyxKtqdW1zIHZlaWtzbcSrZ2kgcGlldmllbm90cyE8L2JyPktvbWVudMSBcnMgdmVpa3NtxKtnaSBwaWV2aWVub3RzITwvYnI+S2xpZW50cyB2ZWlrc23Eq2dpIHBpZXZpZW5vdHMhPC9icj5GxIF6ZSBpciBwaWV2aWVub3RhISA8L2JyPg==

P.S。我试图用它不包含HTML标签,所有的伟大工程。

P.S. I tried to use it without html tags, all works great.

推荐答案

的问题是关系到一个事实,即以base64字母不是网址安全。在这种特殊情况下,您的Base64恩codeD字符串包含 + ,这是PTED为空格间$ P $。

The problem is related to the fact that the base64 alphabet is not URL-safe. In this particular case, your base64-encoded string contains a +, which is interpreted as a space.

要解决这个问题,您可以:

To solve this, you can either:


  • 使用的base64字母表中的URL安全版本,即替换 + - / _ ,并按照说明微调尾随 = paddding,< A HREF =htt​​ps://tool​​s.ietf.org/html/rfc4648#section-5相对=nofollow> RFC4648 。 这个答案包括这种方法的一个code样本。

  • URL-CN code base64编码后您的内容,把 + %2B / %2F = %3D

  • Use a URL-safe version of the base64 alphabet, i.e. replacing + with -, / with _, and trimming the trailing = paddding, as described in RFC4648. This answer includes a code sample for this approach.
  • URL-encode your content after base64 encoding, turning + into %2B, / into %2F, and = into %3D.

这应该解决您的问题,但毫无疑问,在不受信任的环境中,使用户能够注入原始的HTML到您的网站的能力构成了严重的安全隐患。

This should solve your problem, but it goes without saying that in an untrusted environment, giving users the ability to inject raw HTML into your site constitutes a serious security risk.

这篇关于我怎样才能base64_en code和base64_de code字符串html标签?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆