我有一个问题,我将CKeditor集成到我的CMS,当我将一些文本复制到查询时,在
之后显示<\h2>
<\p>
,那么如果尝试删除那些statament,我删除它后显示我更多<\h2>
<\p>
<\p>
<\p>
<\p>
<\p>
page.php文件
// Query the body section for the proper page
$stmt = $con->prepare('SELECT pagebody FROM travel WHERE link = ?');
$stmt->bind_param('s', $pageid);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_array()) {
// do something with $row
$body = htmlspecialchars_decode(stripslashes($row['pagebody'])); //pentru caractere speciale
} <?php echo $body; ?>
// edit_page
<?php
// You may want to obtain refering site name that this post came from for security purposes here
// exit the script if it is not from your site and script
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$pid = $_POST['pid'];
$titlu = $_POST['titlu'];
$link = $_POST['link'];
$keyword = $_POST['keyword'];
$poza = $_POST['poza'];
$descriere = $_POST['descriere'];
$data = $_POST['data'];
$pagebody = $_POST['pagebody'];
// Filter Function -------------------------------------------------------------------
function filterFunction ($var) {
$var = nl2br(htmlspecialchars($var));
$var = str_replace("/", "\\\\", $var);
$var = preg_replace("~/~", "\\\\", $var);
return $var;
}
$titlu = filterFunction($titlu);
$link = filterFunction($link);
$keyword = filterFunction($keyword);
$poza = filterFunction($poza);
$descriere = filterFunction($descriere);
$data = filterFunction($data);
$pagebody = filterFunction($pagebody);
// End Filter Function --------------------------------------------------------------
include_once "../conx.php";
// Add the updated info into the database table
$stmt = $con->prepare("UPDATE travel SET titlu=?, link=?, keywords=?, poza=?, descriere=?, pagebody=?, data=? WHERE id = ?");
// TODO check that $stmt creation succeeded
// "s" means the database expects a string
$stmt->bind_param("ssssssss", $titlu, $link, $keyword, $poza, $descriere, $pagebody, $data, $pid);
$stmt->execute();
$stmt->close();
答案 0 :(得分:1)
这是由于PHP代码中的这一行:
$var = str_replace("/", "\\\\", $var);