我粘贴谷歌地图代码
<iframe width="186" height="186" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" src="http://maps.google.com/maps?f=d&source=s_d&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645&output=embed"></iframe>
<br />
<small><a href="http://maps.google.com/maps?f=d&source=embed&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645" style="color:#0000FF;text-align:left">View Larger Map</a></small> </div>
在文字区域并使用mysql_real_escape_string(trim($_POST'map']))
但是从mysql表中取回时,由于 SQL Injection 保护功能,它不会显示地图,即: mysql_real_escape_string(),如:
<iframe width=\"186\" height=\"186\" frameborder=\"0\" scrolling=\"no\" marginheight=\"0\" marginwidth=\"0\" src=\"http://maps.google.com/maps?f=d&source=s_d&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645&output=embed\"></iframe>
<br />
<small><a href=\"http://maps.google.com/maps?f=d&source=embed&saddr=NIPA,+Karachi,+Pakistan&daddr=&hl=en&geocode=FXg3fAEd6dH_AyF_rsIkOA6mpg&aq=&sll=24.91788,67.097065&sspn=0.007414,0.009645&vpsrc=0&mra=ls&ie=UTF8&t=m&ll=24.91788,67.097065&spn=0.007414,0.009645\" style=\"color:#0000FF;text-align:left\">View Larger Map</a></small> </div>
.............!
答案 0 :(得分:2)
问题是您已启用magic-quotes
这是php中的一个重大错误(将从版本5.something中的语言中删除。)
在许多较旧的设置中,它仍然启用,禁用它是个好主意,因为它不会增加任何安全性,但它确实增加了很多麻烦。
如果(且仅当)您无法禁用它,则可以在执行stripslashes()之前使用mysql_real_escape_string。
答案 1 :(得分:-1)
尝试在显示字符串之前将stripslashes()应用于字符串。