我正在通过AJAX接收一些代码,并像这样处理:
$verifiedSubject = addslashes(htmlentities($_REQUEST['subject']));
$verifiedBody = addslashes(htmlentities($_REQUEST['body']));
$verifiedAttachment1 = addslashes(htmlentities($_REQUEST['attachment1']));
$verifiedAttachment2 = addslashes(htmlentities($_REQUEST['attachment2']));
echo '<div id="subject" style="text-decoration: underline; cursor:pointer; display: inline; margin-bottom: 2%;" onclick=''readmore("'.json_encode($verifiedSubject).'", "'.json_encode($verifiedBody).'", "'.json_encode($verifiedAttachment1).'", "'.json_encode($verifiedAttachment2).'")''>';
echo $_REQUEST['subject'];
echo '</div>';
在上面的代码中,我试图将任何HTML代码转换为实体,添加斜杠来转义单引号和双引号,然后json_encode()它让JavaScript在onclick函数中处理。
然而,当点击文本以启动onclick时,我会收到以下错误:
参数列表后未捕获的SyntaxError:缺少)
我尝试了各种PHP函数来尝试正确地转义这个字符串,但似乎都不起作用。有人能帮我吗?
更新页面来源:
<script>
var date = "Monday, November 16th, 2015 Announcements";
formatAnnouncement( '55',
'Hi',
'<b rgb(0, 0, 0); font-family: Arial, Helvetica, sans; font-size: 11px; line-height: 14px; text-align: justify;'">Lorem Ipsum</b><span rgb(0, 0, 0); font-family: Arial, Helvetica, sans; font-size: 11px; line-height: 14px; text-align: justify;'"> is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry''s standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages, and more recently with desktop publishing software like Aldus PageMaker including versions of Lorem Ipsum.</span>',
'0',
'',
'',
'******',
'2015-11-16 16:53:23',
date
);
</script>
你做错了。json_encode()只需将生成的字符串用作可赋值的"值"即可完成所有需要的操作。例如
<?php
$foo = 'bar';
?>
<script>
var test1 = <?php echo json_encode($foo); ?>; // this works
var test2 = "<?php echo json_encode($foo); ?>; // this doesn't
你最终会得到的是:
var test1 = "bar";
var test2 = ""bar""; //syntax error - two empty strings with undefined var between them
所以你的代码中应该有:
echo '<div id="subject" style="text-decoration: underline;
cursor:pointer; display: inline; margin-bottom: 2%;"
onclick=''readmore('.json_encode($verifiedSubject). ', '.
^--no " ^-^--ditto
etc...
不需要addslash,因为json将转义将值转换为"安全"javascript字符串表示所需的一切。然而,由于您将这个json文本嵌入到html onclick中,因此很可能需要htmlentities,以防止"字符"脱离"html。
它的回显结果似乎有太多引号。试试这个:
echo '<div id="subject" style="text-decoration: underline; cursor:pointer; display: inline; margin-bottom: 2%;" onclick=''readmore('.json_encode($verifiedSubject).', '.json_encode($verifiedBody).', '.json_encode($verifiedAttachment1).', '.json_encode($verifiedAttachment2).')''>';
echo $_REQUEST['subject'];
echo '</div>';