我从PHP脚本中将一个奇怪的双引号插入到我的HTML中。我已经尝试了所有我知道的防止它,但我不知所措 这是代码
<?php
$Client_number =$_GET['client_number'];
$update_type =$_GET['input_type'];
$class_no = $_POST['class_name_sel'];
echo '<div class ="enter_stu_info">';
echo '<h2>Creating the following student records</h2>';
if ($update_type == "reg")
{
require_once('../connections/i_connect.php');
$stu_line_count = 1;
$stu_temp = ($_POST['stu_first_name_'.$stu_line_count]);
while($stu_temp!= ""){
$first_name = $_POST['stu_first_name_'.$stu_line_count];
$stu_surname = $_POST['stu_last_name_'.$stu_line_count];
$employer_number =$_GET['client_number'];
$reg_stu_query = mysqli_query($i_connect, "INSERT INTO is_student(first_name, last_name, class_no, employer) VALUES('$first_name', '$stu_surname', '$class_no','$employer_number')");
echo 'First Name: '.$first_name.' Last name:'.$stu_surname.' Class_number: '.$class_no.' Client_number: '.$employer_number.' ';
$stu_line_count++;
$stu_temp = ($_POST['stu_first_name_'.$stu_line_count]);
}
if ($reg_stu_query){echo ' <h3>Entered</h3><br/>';}
}
if ($update_type == "blank_stu")
{
require_once('../connections/i_connect.php');
$no_of_students = $_POST['no_of_students'];
$stu_line_count = 1;
$employer_number =$_GET['client_number'];
while($stu_line_count <= $no_of_students){
$is_entered = mysqli_query($i_connect, "INSERT INTO is_student(class_no, employer) VALUES('$class_no', '$employer_number')");
echo ' Class_number: '.$class_no.' Client_number: '.$employer_number.' Student number: '.$stu_line_count;
if ($is_entered == "true"){echo ' <h3>Entered</h3>';}
echo'<br/>';
$stu_line_count++;
}
}
$win_loc_txt = '"create_student_enter.php?client_number='.$employer_number.'&class_no='.$class_no.'"';
echo'<br/>'.$win_loc_txt.'<br/>';
echo '<input name="more_stu_button" type="button" onClick="window.location.replace('.$win_loc_txt.')" value="Add more students">';
echo '</div>';
?>
这给了我以下结果(请注意&#34; client_number =&#34;&#34; 7&#34之间&#34; window.location.replace()脚本中不需要的双引号;即使所用变量的回声没有显示不需要的引号..
<!DOCTYPE html>
<html>
<head>
<body>
<div class="enter_stu_info">
<h2>Creating the following student records</h2>
First Name: testing Last name:testing Class_number: 1 Client_number: 7
<h3>Entered</h3>
<br>
<br>
"create_student_enter.php?client_number=7&class_no=1"
<br>
<input name="more_stu_button" onclick="window.location.replace(" create_student_enter.php?client_number="7&class_no=1")"" value="Add more students" type="button">
</div>
<script type="text/javascript" language="javascript">
</body>
答案 0 :(得分:0)
你得到它是因为你把它放在那里:
$win_loc_txt = '"create[...snip..] .'"';
^--------------------^
echo '<input [..snip..] onclick="window.location.replace('.$win_loc_txt.')" value= [..snip..]
当你把它们放在一起时:
echo '<input [..snip..] onclick="window.location.replace("create...");" value=[.snip..]
^------------------------^ ^--unknown/illegal attribute
由于您过早地终止了onclick属性,浏览器会被迫尝试GUESS你想要的东西并尽可能地修复它。
您正在将文本从PHP直接转储到HTMl属性中的Javascript上下文中,这意味着您必须同时生成有效的javascript和html。
尝试类似
的内容echo '<input ...' . htmlspecialchars(json_encode($win_loc_text)) . '...';
代替。
答案 1 :(得分:0)
问题是您在Satisfy any
内使用",因此您的代码应该是:
"