htmlspecialchars() 函数把预定义的字符转换为 HTML 实体。
<?php
$str = "This is some <b>bold</b> text.";
echo htmlspecialchars($str);
?>
htmlspecialchars() 函数把预定义的字符转换为 HTML 实体。
预定义的字符是:
& (和号)成为 &
" (双引号)成为 "
' (单引号)成为 '
< (小于)成为 <
> (大于)成为 >
案例:
if($_GET['id']!=null){
$_sql = " SELECT * FROM o_code WHERE o_id =$_id LIMIT 1 ";
$_result = _fetch_array($_sql);
if ($_GET['action'] == 'code') {
$_english = trim($_POST['english']);
$_sym = trim($_POST['symbol']);
$_symbol = htmlspecialchars($_sym,ENT_QUOTES);
$_info = trim($_POST['info']);
$_type = trim($_POST['type']);
$_sql = "UPDATE o_code SET o_english = '$_english', o_symbol = '$_symbol',
o_info = '$_info', o_type = '$_type' WHERE o_id = $_id";
_query($_sql);
_close();
echo "<script type='text/javascript'>alert('修改成功');location.href='code.of.update.php?id=$_id';</script>";
exit();
}
}
参考文档:http://www.w3school.com.cn/php/func_string_htmlspecialchars.asp 打开
标签:trim,code,函数,symbol,htmlspecialchars,PHP,type,id From: https://blog.51cto.com/u_16171388/6557269