Question

允许用户输入的代码段

//fetch user input and pass it in URL
alertify.prompt("Please enter note/remarks for this Form (optional):", function (e,value) {
    if (e) {
               alertify.success("Form has been submitted");
               $.post(SITE_URL+"someController/someAction",$("#frm_submit").serialize()+ "&user_id="+user_id+"&comment="+value, function( data ) {
           });

    }else{
       alertify.error("Your Form is not submitted");
    }
});

用户输入：我的项目Google R＆amp; D for each googler

当表单发布时，输入未完成，如下所示

echo $_POST['comment']打印我的项目Google R

如果用户在注释中输入&之类的特殊字符，则会中断输入

尝试使用htmlentities($_POST['comment'])和htmlspecialchars($_POST['comment'], ENT_QUOTES, 'UTF-8')但无效。

我怎样才能允许用户输入特殊字符？

P.S：我没有在数据库中保存这个值

Answer 1

正如Daan建议的那样，&打破了javascript中的网址。请找到适合我的更新代码段

//fetch user input and pass it in URL
alertify.prompt("Please enter note/remarks for this Form (optional):", function (e,value) {
    if (e) {

               alertify.success("Form has been submitted");

               //encodes special characters in user comment
               var comment = encodeURIComponent(value);

               $.post(SITE_URL+"someController/someAction",$("#frm_submit").serialize()+ "&user_id="+user_id+"&comment="+comment, function( data ) {
           });

    }else{
       alertify.error("Your Form is not submitted");
    }
});

Answer 2

使用帖子参数发送您的数据。

$.ajax({
  type: "POST",
  url: your_url,
  data: { user_id: user_id, comment: value } 
});

Answer 3

试试这个：

stripslashes($_POST['comment'])

PHP - 显示特殊字符

3 个答案: