PHP prepared statement doesn't update or insert the whole data

Time: 2015-12-05 02:11:23

Tags: php jquery html ajax mysqli

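I have a page where my members can publish new posts or update posts. I get the post content from the TinyMCE editor. Everything works, but when my content contains new lines or blank space such as <p>&nbsp;</p> or <div>&nbsp;</div>, it causes a problem. The PHP prepared statement only saves the content before these tags, not the whole content. For example,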

<div><strong>Lorem Ipsum</strong> is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum.</div>
<div>&nbsp;</div>
<div>It is a long established fact that a reader will be distracted by the readable content of a page when looking at its layout. The point of using Lorem Ipsum is that it has a more-or-less normal distribution of letters, as opposed to using 'Content here, content here', making it look like readable English. Many desktop publishing packages and web page editors now use Lorem Ipsum as their default model text, and a search for 'lorem ipsum' will uncover many web sites still in their infancy. Various versions have evolved over the years, sometimes by accident, sometimes on purpose (injected humour and the like).</div>

Only this part is saved or updated:

<div><strong>Lorem Ipsum</strong> is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum.</div>

Here is my PHP prepared statement code:

function createNewPost($post){

    $cmd = "INSERT INTO posts(post_title,post_content,post_author,post_category,post_date,post_status) VALUES (?,?,?,?,?,?)";
    $mysqli = connectDB();
    $stmt = $mysqli->prepare($cmd);
    // Values are bound as parameters: s = string, i = integer
    $stmt->bind_param("ssiiss",$post["title"],$post["content"],$post["author"],$post["category"],$post["date"],$post["status"]);
    $stmt->execute();
    $count = $stmt->affected_rows;
    $stmt->close();

    if($count > 0)
        return true;
    else
        return false;
}

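I think the problem is the "&amp;" character. When the prepare function reads that character, maybe it sees it as dangerous, clears all the HTML code after that part, and returns to me only what comes before the <p>&nbsp;</p> part?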

$post["content"] // I checked this variable. It has the whole content.

Any suggestions? Or am I doing something wrong?

Edit: I forgot to mention that I send this data via the jQuery post method; even though the data type is "text", the ajax URL again cuts off the whole text after the "&amp;" character.

jQuery code:

$('#submitPost').click(function(){

  var str = $('#postForm').serialize();
  // The editor HTML and the date are appended to the serialized string as-is
  str += "&editorContent=" + tinyMCE.activeEditor.getContent() + "&postDate=" + $('#labelDate').html();
  str += "&postID=" + "<?php echo $_GET["id"]; ?>";

  $.post("ajax-update-post.php", str,
    function(data){
      $('#submitPost').attr("disabled",false);
      $('#submitPost').html("Update");
      $('#info').html(data);
      $('#info').slideDown("slow");
      //setTimeout(function(){ $('#info').slideUp("slow"); }, 3000);
    }, "text"
  );

});

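I solved my problem by changing how I get the value from TinyMCE. I put the data into another textarea with jQuery, and then get the serialized data from the new textarea.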
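The truncation described in the edit above can be reproduced outside the browser. The following is an added example, not code from the original post: the sample HTML, the field values and the helper names (buildBodyRaw, buildBodyEncoded, serverSees, survives) are constructed for illustration, and URLSearchParams is assumed to stand in for the server-side form parser.

```javascript
// Constructed sample: TinyMCE-style HTML with an &nbsp; spacer, as in the question.
const editorHtml =
  "<div><strong>Lorem Ipsum</strong> is simply dummy text.</div>\n" +
  "<div>&nbsp;</div>\n" +
  "<div>It is a long established fact.</div>";
const sampleFields = { editorContent: editorHtml, postDate: "2015-12-05" };

// Raw concatenation, as the question's click handler does it.
function buildBodyRaw(fields) {
  return Object.entries(fields)
    .map(([name, value]) => name + "=" + value)
    .join("&");
}

// Same body with every name and value percent-encoded first.
function buildBodyEncoded(fields) {
  return Object.entries(fields)
    .map(([name, value]) =>
      encodeURIComponent(name) + "=" + encodeURIComponent(value))
    .join("&");
}

// Assumption: URLSearchParams models the server's form parser, which
// splits the body on "&" before it decodes anything.
function serverSees(body) {
  return Object.fromEntries(new URLSearchParams(body));
}

// True when the server received exactly the value that was sent.
function survives(build, fields, name) {
  return serverSees(build(fields))[name] === fields[name];
}

const raw = serverSees(buildBodyRaw(sampleFields));
const encoded = serverSees(buildBodyEncoded(sampleFields));
console.log("raw editorContent:    ", JSON.stringify(raw.editorContent));
console.log("raw field count:      ", Object.keys(raw).length);
console.log("encoded editorContent:", JSON.stringify(encoded.editorContent));
console.log("encoded intact:       ",
  survives(buildBodyEncoded, sampleFields, "editorContent"));
```

With jQuery, passing an object such as { editorContent: html } as the data argument of $.post has the same effect, because jQuery encodes object data itself.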

1 answer:

Answer 0: (score: 0)

Before inserting the actual data into the database, you may need to use the htmlspecialchars function in PHP

$sample = htmlspecialchars("<a href='test'>the string to be inserted</a>", ENT_QUOTES);

Then, if you want to decode that data, use htmlspecialchars_decode

echo htmlspecialchars_decode($sample);

Or you can try htmlentities before inserting the HTML string, and html_entity_decode() to decode it.

Example

$orig = "I'll \"walk\" the <b>dog</b> now";

$a = htmlentities($orig);

$b = html_entity_decode($a);

echo $a; // I'll &quot;walk&quot; the &lt;b&gt;dog&lt;/b&gt; now

echo $b; // I'll "walk" the <b>dog</b> now

So in your case, try using it like this.

$cmd = "INSERT INTO posts(post_title,post_content,post_author,post_category,post_date,post_status) VALUES (?,?,?,?,?,?)";
$mysqli = connectDB();
$stmt = $mysqli->prepare($cmd);

$content = htmlentities($post["content"]);

$stmt->bind_param("ssiiss",$post["title"],$content,$post["author"],$post["category"],$post["date"],$post["status"]);
$stmt->execute();
$count = $stmt->affected_rows;
$stmt->close();

//try to echo it out
echo $post["content"]."<br/>";

echo $content;

if($count > 0)
    return true;
else
    return false;

I hope this helps you.