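It should be a matter of filtering keyword, i.e. stripping HTML code out of the search text the user enters.
Could someone who knows please just give me the code? I don't know PHP very well. Thanks.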
```php
public function search()
{
    global $_FANWE;

    $page_args = array(
        'city_py' => CURRENT_CITY_PY,
        'sort'    => trim($_FANWE['request']['sort']),
        'keyword' => trim($_FANWE['request']['keyword']),
    );

    $keyword = '';
    if(!empty($page_args['keyword']))
    {
        $page_args['keyword'] = urldecode($page_args['keyword']);
        $keyword = &$page_args['keyword'];
        $keyword_query = clearSymbol($page_args['keyword']);

        if(!empty($keyword_query))
        {
            $search_txt = clearRepeat($keyword_query);
            $keyword_query = segmentToUnicode($keyword_query,'+');
            $fields = ",MATCH (gm.content) AGAINST ('$keyword_query') AS similarity ";
            $where.=" WHERE MATCH (gm.content) AGAINST ('$keyword_query' IN BOOLEAN MODE)";
        }
        else
            $keyword = '';
    }

    if(!empty($keyword))
    {
        $insert_sort = 'gk.cr_sort ASC';
        $city_name = $_FANWE['current_city']['name'];

        if(CURRENT_CITY_PY == CHINA_CITY_PY)
        {
            // When "nationwide" does not include the goods of all cities
            if($_FANWE['setting']['all_city'] == 0)
            {
                $where.= " AND gk.city = '$city_name'";
            }
            else
                $insert_sort = 'gk.r_sort ASC';
        }
        elseif(CURRENT_CITY_PY != '')
        {
            // When a city page also shows nationwide goods
            if($_FANWE['setting']['index_all'] == 1)
            {
                $fields .= ",(gk.city = '$city_name') as is_now_city";
                $insert_sort = 'is_now_city DESC,'.$insert_sort;
                $quanguo_name = $_FANWE['cache']['city']['all'][CHINA_CITY_PY]['name'];
                $where.= " AND gk.city IN ('$city_name','$quanguo_name')";
            }
            else
            {
                $where.= " AND gk.city = '$city_name'";
            }
        }

        // Sort order is chosen from a fixed whitelist keyed by the request value
        $order = '';
        $sort = &$page_args['sort'];
        $sort_array = array('spa'=>'g.shop_price ASC','spd'=>'g.shop_price DESC','eta'=>'gk.end_time ASC','etd'=>'gk.end_time DESC','cca'=>'g.click_count ASC','ccd'=>'g.click_count DESC','sa'=>'g.score ASC','sd'=>'g.score DESC','ba'=>'g.bought ASC','bd'=>'g.bought DESC','da'=>'discount ASC','dd'=>'discount DESC');

        if(array_key_exists($sort,$sort_array))
            $order = $sort_array[$sort];
        else
        {
            unset($page_args['sort']);
            $sort = '';
        }

        if(empty($order))
            $order .= 'similarity DESC,'.$insert_sort.',gk.sort ASC,g.id ASC';
        else
            $order .= ',similarity DESC,'.$insert_sort.',gk.sort ASC,g.id DESC';

        $goods_count = DB::resultFirst('SELECT COUNT(DISTINCT g.id)
            FROM '.DB::table('goods_now_match').' AS gm
            INNER JOIN '.DB::table('goods_now_key').' AS gk ON gk.id = gm.id
            INNER JOIN '.DB::table('goods_now').' AS g ON g.id = gk.id '.$where);

        $pager = buildPage('now/search',$page_args,$goods_count,$_FANWE['page'],24);

        $res = DB::query('SELECT g.id,g.small_img,g.end_time,g.market_price,g.begin_time,g.shop_price,
            gk.city,gk.site_id,g.is_best,g.bought,g.name,g.sort,g.site_name,g.collect_buy,g.click_count,
            g.url,g.collect_count,g.add_time,(g.shop_price / g.market_price) AS discount,g.post_count'.$fields.'
            FROM '.DB::table('goods_now_match').' AS gm
            INNER JOIN '.DB::table('goods_now_key').' AS gk ON gk.id = gm.id
            INNER JOIN '.DB::table('goods_now').' AS g ON g.id = gk.id '.$where.'
            ORDER BY '.$order.' LIMIT '.$pager['limit']);

        $goods_list = array();
        while($goods = DB::fetch($res))
        {
            S('Goods')->goodsFormat($goods);
            $goods_list[] = $goods;
        }
    }

    include template('page/search_index');
    display();
}
```
Replies (solutions)
If your code itself has no problems, you only need to add a strip_tags call!
```php
public function search()
{
    global $_FANWE;

    $page_args = array(
        'city_py' => CURRENT_CITY_PY,
        'sort'    => trim($_FANWE['request']['sort']),
        'keyword' => strip_tags(trim($_FANWE['request']['keyword'])), // just add strip_tags here and that's it
    );

    $keyword = '';
    if(!empty($page_args['keyword']))
    {
        $page_args['keyword'] = urldecode($page_args['keyword']);
        $keyword = &$page_args['keyword'];
        $keyword_query = clearSymbol($page_args['keyword']);

        if(!empty($keyword_query))
        {
            $search_txt = clearRepeat($keyword_query);
            $keyword_query = segmentToUnicode($keyword_query,'+');
            $fields = ",MATCH (gm.content) AGAINST ('$keyword_query') AS similarity ";
            $where.=" WHERE MATCH (gm.content) AGAINST ('$keyword_query' IN BOOLEAN MODE)";
        }
        else
            $keyword = '';
    }

    if(!empty($keyword))
    {
        $insert_sort = 'gk.cr_sort ASC';
        $city_name = $_FANWE['current_city']['name'];

        if(CURRENT_CITY_PY == CHINA_CITY_PY)
        {
            // When "nationwide" does not include the goods of all cities
            if($_FANWE['setting']['all_city'] == 0)
            {
                $where.= " AND gk.city = '$city_name'";
            }
            else
                $insert_sort = 'gk.r_sort ASC';
        }
        elseif(CURRENT_CITY_PY != '')
        {
            // When a city page also shows nationwide goods
            if($_FANWE['setting']['index_all'] == 1)
            {
                $fields .= ",(gk.city = '$city_name') as is_now_city";
                $insert_sort = 'is_now_city DESC,'.$insert_sort;
                $quanguo_name = $_FANWE['cache']['city']['all'][CHINA_CITY_PY]['name'];
                $where.= " AND gk.city IN ('$city_name','$quanguo_name')";
            }
            else
            {
                $where.= " AND gk.city = '$city_name'";
            }
        }

        // Sort order is chosen from a fixed whitelist keyed by the request value
        $order = '';
        $sort = &$page_args['sort'];
        $sort_array = array('spa'=>'g.shop_price ASC','spd'=>'g.shop_price DESC','eta'=>'gk.end_time ASC','etd'=>'gk.end_time DESC','cca'=>'g.click_count ASC','ccd'=>'g.click_count DESC','sa'=>'g.score ASC','sd'=>'g.score DESC','ba'=>'g.bought ASC','bd'=>'g.bought DESC','da'=>'discount ASC','dd'=>'discount DESC');

        if(array_key_exists($sort,$sort_array))
            $order = $sort_array[$sort];
        else
        {
            unset($page_args['sort']);
            $sort = '';
        }

        if(empty($order))
            $order .= 'similarity DESC,'.$insert_sort.',gk.sort ASC,g.id ASC';
        else
            $order .= ',similarity DESC,'.$insert_sort.',gk.sort ASC,g.id DESC';

        $goods_count = DB::resultFirst('SELECT COUNT(DISTINCT g.id)
            FROM '.DB::table('goods_now_match').' AS gm
            INNER JOIN '.DB::table('goods_now_key').' AS gk ON gk.id = gm.id
            INNER JOIN '.DB::table('goods_now').' AS g ON g.id = gk.id '.$where);

        $pager = buildPage('now/search',$page_args,$goods_count,$_FANWE['page'],24);

        $res = DB::query('SELECT g.id,g.small_img,g.end_time,g.market_price,g.begin_time,g.shop_price,
            gk.city,gk.site_id,g.is_best,g.bought,g.name,g.sort,g.site_name,g.collect_buy,g.click_count,
            g.url,g.collect_count,g.add_time,(g.shop_price / g.market_price) AS discount,g.post_count'.$fields.'
            FROM '.DB::table('goods_now_match').' AS gm
            INNER JOIN '.DB::table('goods_now_key').' AS gk ON gk.id = gm.id
            INNER JOIN '.DB::table('goods_now').' AS g ON g.id = gk.id '.$where.'
            ORDER BY '.$order.' LIMIT '.$pager['limit']);

        $goods_list = array();
        while($goods = DB::fetch($res))
        {
            S('Goods')->goodsFormat($goods);
            $goods_list[] = $goods;
        }
    }

    include template('page/search_index');
    display();
}
```
$string = preg_replace("']*?>'si", "", $string);
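
Added example (not part of the original thread or the FANWE code): in the code above, strip_tags() runs before search() calls urldecode(), so a keyword that arrives with an extra layer of URL encoding still contains tags after decoding, and strip_tags() leaves quote characters untouched. The sketch below decodes first, then strips, and HTML-encodes at output; clean_keyword() and h() are hypothetical helper names and the sample inputs are constructed.

```php
<?php
// Added example; not code from the thread or from the FANWE code base.
// clean_keyword() and h() are hypothetical helper names.

// Normalise the raw request value: decode first, then strip markup, so that
// tags hidden behind an extra layer of URL encoding are removed as well.
function clean_keyword(string $raw): string
{
    $kw = urldecode(trim($raw));      // same decode step that search() performs
    $kw = strip_tags($kw);            // drop HTML/PHP tags
    // Replace ASCII control characters with a space (safe on UTF-8 bytes).
    $kw = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $kw);
    return trim($kw);
}

// Encode for HTML output (element text and quoted attribute values).
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs, as they might arrive in
// $_FANWE['request']['keyword'] after PHP's own request decoding.
$samples = array(
    'plain'          => 'coffee voucher',
    'tag'            => '<b>coffee</b>',
    'double-encoded' => '%3Cb%3Ecoffee%3C%2Fb%3E',
    'quote'          => 'coffee" title="x',
);

foreach ($samples as $label => $raw) {
    // Order used in the reply's code: strip_tags() first, urldecode() later.
    $reply_order = urldecode(strip_tags(trim($raw)));
    // Order used here: urldecode() first, strip_tags() second.
    $clean = clean_keyword($raw);

    printf(
        "%-15s strip-then-decode: %-20s decode-then-strip: %-20s escaped: %s\n",
        $label,
        $reply_order,
        $clean,
        h($clean)
    );
}
```

In the template, print the keyword through h() wherever it appears in HTML text or inside a quoted attribute, since stripping tags alone does not neutralise quote characters.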
