string 转义 JavaScript 字符串中的单引号以进行 JavaScript 评估
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15087497/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Escaping single quotes in JavaScript string for JavaScript evaluation
提问by Florian Mertens
I have a project, in which some JavaScript var is evaluated. Because the string needs to be escaped (single quotes only), I have written the exact same code in a test function. I have the following bit of pretty simple JavaScript code:
我有一个项目,其中评估了一些 JavaScript 变量。因为字符串需要转义(仅单引号),所以我在测试函数中编写了完全相同的代码。我有以下一些非常简单的 JavaScript 代码:
function testEscape() {
var strResult = "";
var strInputString = "fsdsd'4565sd";
// Here, the string needs to be escaped for single quotes for the eval
// to work as is. The following does NOT work! Help!
strInputString.replace(/'/g, "''");
var strTest = "strResult = '" + strInputString + "';";
eval(strTest);
alert(strResult);
}
And I want to alert it, saying: fsdsd'4565sd.
我想提醒它,说:fsdsd'4565sd。
回答by Nikita Tkachenko
The thing is that .replace()does not modify the string itself, so you should write something like:
问题是.replace()不会修改字符串本身,因此您应该编写如下内容:
strInputString = strInputString.replace(...
It also seems like you're not doing character escaping correctly. The following worked for me:
似乎您没有正确进行字符转义。以下对我有用:
strInputString = strInputString.replace(/'/g, "\'");
回答by Kev
Best to use JSON.stringify()to cover all your bases, like backslashes and other special characters. Here's your original function with that in place instead of modifying strInputString:
最好用于JSON.stringify()覆盖所有基础,如反斜杠和其他特殊字符。这是您的原始功能,而不是修改strInputString:
function testEscape() {
var strResult = "";
var strInputString = "fsdsd'4565sd";
var strTest = "strResult = " + JSON.stringify(strInputString) + ";";
eval(strTest);
alert(strResult);
}
(This way your strInputStringcould be something like \\\'\"'"''\\abc'\and it will still work fine.)
(这样你strInputString可能会像这样\\\'\"'"''\\abc'\,它仍然可以正常工作。)
Note that it adds its own surrounding double-quotes, so you don't need to include single quotes anymore.
请注意,它添加了自己的双引号,因此您不再需要包含单引号。
回答by YziGer
I agree that this var formattedString = string.replace(/'/g, "\\'");works very well, but since I used this part of code in PHP with the framework Prado (you can register the js script in a PHP class) I needed this sample working inside double quotes.
我同意这var formattedString = string.replace(/'/g, "\\'");非常有效,但由于我在 PHP 中使用了这部分代码和框架 Prado(您可以在 PHP 类中注册 js 脚本),我需要这个示例在双引号内工作。
The solution that worked for me is that you need to put three \and escape the double quotes.
"var string = \"l'avancement\";
var formattedString = string.replace(/'/g, \"\\\'\");"
对我有用的解决方案是你需要放三个\并转义双引号。
"var string = \"l'avancement\";
var formattedString = string.replace(/'/g, \"\\\'\");"
I answer that question since I had trouble finding that three \was the work around.
我回答这个问题,因为我很难找到三个\是解决方法。
回答by Jo?o Ox Oc
Only this worked for me:
只有这对我有用:
searchKeyword.replace(/'/g, "\\'");//searchKeyword contains "d'av"
So, the result variable will contain "d\'av".
因此,结果变量将包含“d\'av”。
I don't know why with the RegEx didn't work, maybe because of the JS framework that I'm using (Backbone.js)
我不知道为什么使用 RegEx 不起作用,可能是因为我使用的 JS 框架(Backbone.js)
回答by Karthik G
strInputString = strInputString.replace(/'/g, "''");
