php htmlentities 破坏 utf-8 字符串
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5679715/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
htmlentities destroys utf-8 strings
提问by Dominique
I got something weird happening here and I can't understand why, on my php 5.2.5 server (Just on Linux ,Windows php servers doesn't have same problem) When I use a POST Form to post the content on an input containing "é" and on the other side I
我在这里发生了一些奇怪的事情,我不明白为什么,在我的 php 5.2.5 服务器上(仅在 Linux 上,Windows php 服务器没有同样的问题)当我使用 POST 表单将内容发布到包含“é”,在另一边我
echo(htmlentities($_POST["myinput"]))
it echos é
它回响 é
But if I echo my
但如果我回应我的
$_POST["myinput"]
simply it shows "é", so this mean my htmlentities doesn't use UTF-8 by default, where can I change the Charset used by htmlentities?
它只是显示“é”,所以这意味着我的 htmlentities 默认不使用 UTF-8,我可以在哪里更改 htmlentities 使用的字符集?
I tried changing it in my php.ini default_charset = "UTF-8", but it won't work either?
我尝试在我的 php.ini default_charset = "UTF-8" 中更改它,但它也不起作用?
回答by rook
htmlspecialchars($str, ENT_QUOTES, "UTF-8")
htmlspecialchars($str, ENT_QUOTES, "UTF-8")
This is also better at preventing xss than just htmlentities()
这也比仅仅防止 xss 更好 htmlentities()
回答by Jussi
回答by Pekka
The only way to change htmlentities()'s encoding is specifying it in its third parameter.
改变htmlentities()编码的唯一方法是在它的第三个参数中指定它。
There is no way to change the default encoding. Prior to PHP 5.4 It is always iso-8859-1.
无法更改默认编码。在 PHP 5.4 之前,它始终是iso-8859-1.
This was changed in PHP 5.4 however and is now always utf-8
然而,这在 PHP 5.4 中有所改变,现在总是 utf-8
回答by Nico
From php manual: htmlentities() takes an optional third argument encoding which defines encoding used in conversion. From PHP 5.6.0, default_charset value is used as default. From PHP 5.4.0, UTF-8 is the default. PHP prior to 5.4.0, ISO-8859-1 is used as the default. Although this argument is technically optional, you are highly encouraged to specify the correct value for your code.
来自 php手册: htmlentities() 采用可选的第三个参数 encoding ,它定义了转换中使用的编码。从 PHP 5.6.0 开始,default_charset 值被用作默认值。从 PHP 5.4.0 开始,UTF-8 是默认值。PHP 5.4.0 之前,默认使用 ISO-8859-1。尽管此参数在技术上是可选的,但强烈建议您为代码指定正确的值。
回答by KarlosFontana
And if you don't want to worry about so many different charset codings or if htmlentities doesn't work for you, here the alternative: I used mysqli DB connection (and PHPV5) Form post for writing/inserting to MySQl DB.
如果您不想担心这么多不同的字符集编码,或者如果 htmlentities 对您不起作用,那么这里的替代方案是:我使用 mysqli DB 连接(和 PHPV5)表单帖子来写入/插入到 MySQl DB。
$Notes = $_POST['Notes']; //can be text input or textarea.
$charset = mysqli_character_set_name($link); //mysqli connection
printf ("To check your character set but not necessary %s\n",$charset);
$Notes = str_replace('"', '"', $Notes); //double quotes for mailto: emails.
$von = array("?","?","ü","?","?","?","ü"," ","é"); //to correct double whitepaces as well
$zu = array("ä","ö","ü","ß","Ä","Ö","Ü"," ","é");
$Notes = str_replace($von, $zu, $Notes);
echo " Notes:".$Notes."<br>" ;
$Notes = mysqli_real_escape_string($link, $Notes); //for mysqli DB connection.
// Escapes special characters in a string for use in an SQL statement
echo " Notes:".$Notes ; //ready for inserting
