在url链接中转义单引号 [英] Escaping single quote in url link
问题描述
我有一个链接发送了一些php:
echo< a href ='。 $ galerry。 #。 apastro(get_title($ primid))。 'class ='linkorange'> voir sa galerie< / a>;
$ galerry
链接到另一页。 / p>
get_title($ primid)
是 $ galerry code> page。
并且该机制可以正常工作,直到其中一个元素id在其中包含单引号。这是有道理的,因为它会中断echo函数。
这就是为什么我有apastro函数:
function apastro($ phrase){
$ phrase1 = str_replace(',\',$ phrase);
返回$ phrase1;
}
然而,单引号之前的\\ \\并没有帮助...
因此,让我们说链接重定向到页面上的id =l'aro的元素something.php
然后url将是something.php#
它会中断echo函数
它不会。它会破坏由'
字符分隔的字符串字面值,但是你的字符串字面值是用字符分隔的。 ,它打破了被
'
字符分隔的HTML属性值。
\
不是网址或HTML的转义字符。 使用 php.net/urlencoderel =nofollow> urlencode
将字符串安全地放入URL中。
使用 htmlspecialchars
制作一个字符串(b
$ title = get_title($ primid);
$ urlsafe_title = urlencode( $ title);
$ url = $ galerry。#。$ urlsafe_title;
$ htmlsafe_url = htmlspecialchars($ url,ENT_QUOTES | ENT_HTML5);
echo<
$ h $
I have a link that is sent throw some php:
echo "<a href='" . $galerry . "#" . apastro(get_title($primid)) . "' class='linkorange'>voir sa galerie</a>";
$galerry
links to another page.
get_title($primid)
is the id of a specific element in $galerry
page.
And the mechanism works fine until one of the elements id has a single quote in it . Which makes sense as it would interrupt the echo function.
This is why i have the apastro function:
function apastro($phrase){
$phrase1 = str_replace("'","\'",$phrase);
return $phrase1;
}
Yet the \ before the single quote isn't helping...
So Lets say the link redirects to the element with id="l'aro" on the page something.php then the url will be something.php#l\
it would interrupt the echo function
It wouldn't. It would break a string literal delimited by '
characters, but your string literal is delimited with "
characters. In this case, it is breaking the HTML attribute value which is delimited by '
characters.
\
is not an escape character for URLs or HTML.
Use urlencode
to make a string safe to put into a URL.
Use htmlspecialchars
to make a string safe to put into an HTML attribute.
$title = get_title($primid);
$urlsafe_title = urlencode($title);
$url = $galerry . "#" . $urlsafe_title;
$htmlsafe_url = htmlspecialchars($url, ENT_QUOTES | ENT_HTML5);
echo "<a href='$htmlsafe_url' class='linkorange'>voir sa galerie</a>";
这篇关于在url链接中转义单引号的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!