javascript - Code for filtering user input <script>alert(0)</script>
淡淡烟草味
淡淡烟草味 2017-05-16 13:02:39
0
3
752

I would like to ask, if the user enters a code command, how to filter out the effect? For example, if a user submits the sentence <script>alert(0)</script>, it needs to be submitted to the backend and then displayed in the frontend. However, if it is displayed in the frontend, alert will definitely be executed. How to filter it out so that it can be displayed directly? God, please help me~

淡淡烟草味
淡淡烟草味

reply all(3)
我想大声告诉你

php’s htmlspecialchars()
front-end
`function htmlspecialchars(str)
{

str = str.replace(/&/g, '&amp;');  
str = str.replace(/</g, '<');  
str = str.replace(/>/g, '>');  
str = str.replace(/"/g, '&quot;');  
str = str.replace(/'/g, '&#039;');  
return str;  

} `

phpcn_u1582

php’s htmlspecialchars()

滿天的星座

Two places for filtering, one is filtering when user input is stored in the database, and the other is filtering when displaying. The filtering method is htmlspecialchars(). Personally, I prefer filtering when displaying to ensure the originality of user input. Accuracy of data

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template