Has*_*lla 0 php escaping magic-quotes
所以基本上当我输入带有撇号的东西时,比如约翰的自行车,它会回应约翰的自行车.代码如下:
<?php
$searchname = $_POST["name"] ;
echo "$searchname";
我的表单使用POST方法.有没有办法阻止这个?
另外,为了使输入大小写不敏感,我将如何进入这一部分?
$searchsport = $_POST['sport'];
$sportarray = array(
"Football" => "Fb01",
"Cricket" => "ck32",
"Tennis" => "Tn43",
);
if(isset($sportarray[$searchsport])){
header("Location: ".$sportarray[$searchsport].".html");
die;
}
//what code is needed to make the if statement work? I've looked up some weird ways such as using array_change_key_case (which I clearly don't understand).
这很可能是因为你打开了魔法引号,试试这个:
if (get_magic_quotes_gpc())
{
$searchname = stripslashes($_POST["name"]);
echo "$searchname";
}
else
{
$searchname = $_POST["name"];
echo "$searchname";
}
实际上,您可以创建一个函数,而不是自动为您执行此操作:
function fixIt($str)
{
if (is_array($str))
{
foreach ($str as &$value)
{
$value = fixIt($value);
}
return $str;
}
else
{
return stripslashes($str);
}
}
然后你可以简单地做:
$searchname = fixIt($_POST["name"]);
echo $searchname;
注意:您也可以禁用php.ini中的丑陋魔术引号,因为它们存在问题,并且正确地弃用了PHP的未来版本.