颠倒`mysqli_real_escape_string`的效果 [英] Reversing the effect of `mysqli_real_escape_string`
问题描述
我正在研究一个应用程序,用户可以创建HTML模板并将其保存到数据库。模板由不同的组件组成,如文本,图像等。当我尝试使用撇号保存文本 '
它给了我 mysql_error
(显然)。所以我试着 mysqli_real_escape_strings
来结束它。它工作正常,但我想为编辑目的取回保存的内容,并且使用 \
来转义撇号。 (斜杠)。所以内容在内部被修改,并且不再是一个有效的HTML来编辑,并且浏览器会抛出语法错误。
我也尝试过寻找其他函数进行转义,并遇到 json_encode
但这不被mysql接受。
Can有人指向我的任何功能,这将在PHP中做到这一点?请建议任何功能,将执行我的任务!
更新:
$ b
function saveContentContent (){
var $ getContent = $('#mainWrap')。clone();
$ getContent.find('。textBox,.pictureBox')。removeAttr('id');
var saveContent = $ getContent.wrap('< div>< / div>')。html();
console.log(saveContent);
var getBodyStyle = $('body')。attr('style');
console.log('this is body style'+ getBodyStyle);
var auto =auto;
$ .ajax({
url:auto_save.php,
type:POST,
dataType:text,
// data: txtComp =+ saveContent +& auto =+ auto +& pageId =+ pageId +& webId =+ webId +& userId =+ userId +& bodyStyle =+ getBodyStyle,
data:{txtComp:saveContent,auto:auto,pageId:pageId,webId:webId,userId:userId,bodyStyle:getBodyStyle}
});
}
我添加了 mysql_real_escape_string
在我的 auto_save.php
中。
现在,当我从数据库中取回数据时,我必须将它传递给一个JavaScript变量,像这样。
$ b
var getSavedContent =<?php echo json_encode($ IdLessContent); ?取代;
这可能是一个问题吗?
我相信你需要用这个:
$ p $ json_encode($ IdLessContent,JSON_UNESCAPED_SLASHES );使用UNESCAPED_SLASHES部分的
,您的数据应该被正确地返回。
I am working on an application where user can create HTML templates and save them to the database.The templates consist of different components like text,image etc.When I try to save the text with an apostrophe '
it gives me mysql_error
(obviously).So I tried mysqli_real_escape_strings
to nulify it.It worked,but I want to get back the saved content for editing purpose and the apostrophe's are escaped using \
(slashes).So the content is modified internally and is no more a valid html to edit and the browser throws a syntax error.
I also tried searching other functions for escaping and came across json_encode
but that is not accepted by mysql.
Can someone point me to any function which would do this in php?Please suggest any function that would carry out the task for me!
Update:
function saveContent(){
var $getContent = $('#mainWrap').clone();
$getContent.find('.textBox, .pictureBox').removeAttr('id');
var saveContent = $getContent.wrap('<div></div>').html();
console.log(saveContent);
var getBodyStyle=$('body').attr('style');
console.log('this is body style'+getBodyStyle);
var auto="auto";
$.ajax({
url:"auto_save.php",
type:"POST",
dataType:"text",
//data:"txtComp="+saveContent+"&auto="+auto+"&pageId="+pageId+"&webId="+webId+"&userId="+userId+"&bodyStyle="+getBodyStyle,
data: {txtComp: saveContent, auto: auto, pageId: pageId,webId:webId,userId:userId,bodyStyle:getBodyStyle}
});
}
I add the mysql_real_escape_string
in my auto_save.php
. Now when I fetch it back from DB,I have to pass it to a javascript variable like this.
var getSavedContent = <?php echo json_encode($IdLessContent); ?>;
Can that be an issue?
stripslashes()
will remove slashes from any string, and is useful when outputting escaped data.
I believe you need to use this:
json_encode($IdLessContent, JSON_UNESCAPED_SLASHES);
with the UNESCAPED_SLASHES part, your data should be returned correctly.
这篇关于颠倒`mysqli_real_escape_string`的效果的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!