0

興味深い問題があります。と を取る以下のコードが$_POST['content']あり$_POST['page']ます。私が書き込もうとしている「コンテンツ」は「HTML」(以下を参照)ですが、実際に書かれているコンテンツは

<footer> 
        <div class="grid_16"> 
                <div class="wrapper"> 
                        <span class="right"><!-- {%FOOTER_LINK} --></span>

つまり、コンテンツの大部分が欠落しています。

どんなガイダンスでも大歓迎です

<?php

if (!$_POST['content'] && !$_POST['page'])
    return false;

$content = $_POST['content'];
$page = $_POST['page'];

$fp = fopen('content/'.$page, 'w');

fwrite($fp, htmlspecialchars($content));

fclose($fp);

?>

$_POST['content']は:

<footer> 
    <div class="grid_16"> 
        <div class="wrapper"> 
            <span class="right"><!-- {%FOOTER_LINK} --></span> l
            la-panacee &copy; 2013 &nbsp;|&nbsp; 
            <a href="privacyStatement.php">Privacy policy</a>
        </div> 
    </div>
 </footer>
4

1 に答える 1

0

HTML が切り捨てられた理由は、$_POST 変数にエンコードされていないアンパサンドが存在したためである可能性があります。

RFC 2396: URI (Uniform Resource Identifier): 一般的な構文

2.2. Reserved Characters

   Many URI include components consisting of or delimited by, certain
   special characters.  These characters are called "reserved", since
   their usage within the URI component is limited to their reserved
   purpose.  If the data for a URI component would conflict with the
   reserved purpose, then the conflicting data must be escaped before
   forming the URI.

      reserved    = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "+" |
                    "$" | ","

   The "reserved" syntax class above refers to those characters that are
   allowed within a URI, but which may not be allowed within a
   particular component of the generic URI syntax; they are used as
   delimiters of the components described in Section 3.
于 2013-01-11T03:45:11.957 に答える