用HTML内容消除POST内容 [英] Sanitize POST content with HTML contents
本文介绍了用HTML内容消除POST内容的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想通过POST发送HTML内容。
但是当获取它并清理它时,它也会清除HTML字符。
$ Code = filter_var_array($ value, FILTER_SANITIZE_STRING);
当我发送时:
我想要< strong>保存此数据< / strong>
我收到:
我想保存这些数据
我应该更改哪些内容以创建安全字符串?
edit:
在我的表单中,我有一个所见即所得的编辑器(FCK Editor) 。
解决方案
我已经使用 HTMLPurifier
基本用法类似于此;
这是一个用于清理HTML输入的PHP过滤器库。 pre> include_once( '/ htmlpurifier /库/ HTMLpurifier.auto.php');
$ config = HTMLPurifier_Config :: createDefault();
$ purifier = new HTMLPurifier($ config);
$ clean ['htmlData'] = $ purifier-> purify($ _ POST ['htmlData']);
I want to send HTML content by POST. But when fetching it and sanitizing it it also cleans the HTML characters.
$Code = filter_var_array($value, FILTER_SANITIZE_STRING);
WHen I send :
I would like to <strong>Save this data</strong>
I receive :
I would like to Save this data
What should I change to create a safe string?
edit : In my form I have a WYSIWYG editor (FCK Editor) and it's contents is where I am after.
解决方案
I have used HTMLPurifier which is a PHP filter library to sanitize HTML input.
Basic usage is something like this;
include_once('/htmlpurifier/library/HTMLpurifier.auto.php');
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
$clean['htmlData'] = $purifier->purify($_POST['htmlData']);
这篇关于用HTML内容消除POST内容的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文