我怎样才能base64_en code和base64_de code字符串html标签? [英] How can I base64_encode and base64_decode string with html tags?
问题描述
我有去的base64 code的一个问题
例如,我有这个code:
I have a problem with base64 decode For example, I have this code:
else if($_POST['submit']==2){
$send = base64_encode($text_success);
wp_redirect( home_url('/sales-funnel/add-product?msg='.$send) ); exit;
}
我送带codeD字符串页面,因此用户不能简单的从URL中读取它。
$ text_success包含HTML code,这是产生,如果 $ wpdb->查询
不包含错误:
`Darījums veiksmīgi pievienots!</br>Komentārs veiksmīgi pievienots!</br>Klients veiksmīgi pievienots!</br>Fāze ir pievienota! </br>`
在所有在线base64_de code它的伟大工程,但我的字preSS现场返回时,我试图做的空字符串:
In all online base64_decode it's works great, but my WordPress site return empty string when I'm trying to do:
if (isset($_GET['msg']) && !empty($_GET['msg'])){
$text = base64_decode($_GET['msg']);
echo $text;
}
但是, $ _ GET ['味精'] = RGFyxKtqdW1zIHZlaWtzbcSrZ2kgcGlldmllbm90cyE8L2JyPktvbWVudMSBcnMgdmVpa3NtxKtnaSBwaWV2aWVub3RzITwvYnI+S2xpZW50cyB2ZWlrc23Eq2dpIHBpZXZpZW5vdHMhPC9icj5GxIF6ZSBpciBwaWV2aWVub3RhISA8L2JyPg==$c$c>
P.S。我试图用它不包含HTML标签,所有的伟大工程。
P.S. I tried to use it without html tags, all works great.
推荐答案
的问题是关系到一个事实,即以base64字母不是网址安全。在这种特殊情况下,您的Base64恩codeD字符串包含 +
,这是PTED为空格间$ P $。
The problem is related to the fact that the base64 alphabet is not URL-safe. In this particular case, your base64-encoded string contains a +
, which is interpreted as a space.
要解决这个问题,您可以:
To solve this, you can either:
- 使用的base64字母表中的URL安全版本,即替换
+
与-
,/
与_
,并按照说明微调尾随=
paddding,< A HREF =https://tools.ietf.org/html/rfc4648#section-5相对=nofollow> RFC4648 。 这个答案包括这种方法的一个code样本。 - URL-CN code base64编码后您的内容,把
+
到%2B
,/
到%2F
和=
到%3D
。
- Use a URL-safe version of the base64 alphabet, i.e. replacing
+
with-
,/
with_
, and trimming the trailing=
paddding, as described in RFC4648. This answer includes a code sample for this approach. - URL-encode your content after base64 encoding, turning
+
into%2B
,/
into%2F
, and=
into%3D
.
这应该解决您的问题,但毫无疑问,在不受信任的环境中,使用户能够注入原始的HTML到您的网站的能力构成了严重的安全隐患。
This should solve your problem, but it goes without saying that in an untrusted environment, giving users the ability to inject raw HTML into your site constitutes a serious security risk.
这篇关于我怎样才能base64_en code和base64_de code字符串html标签?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!