0

我的 wordpress 网站上有一个自己尝试的编辑器。问题是:如果我在“源代码”字段中输入 html 标签并提交表单,我会收到 404:not found 错误。但是,如果我只输入纯文本或将该字段留空,则一切正常。有什么我做错了吗?你可以在这里查看:http: //www.naijaprogrammer.com/tryit/

有 2 个文件:tryview_sc.php 和 index.php:tryview_sc.php 中的代码是:

if(isset($_POST['code']))
{
    echo $_POST['code'];
    exit;
}
else if(isset($_GET['id']))
{
    $dash=mysql_real_escape_string($_GET['id']);
    $file_query=mysql_query("SELECT code FROM editor WHERE id='$dash'");
    $count=mysql_num_rows($file_query);
    if($count==0)
    {
        return;
    }
    else{
        $file=mysql_fetch_array($file_query);
        echo $file['code'];
    }
}
else
{
    return;
}

您对 index.php 文件感兴趣的代码是:

<form action="tryview_sc.php" method="post" target="view" id="tryitform" name="tryitform">
     <textarea class="code_input" id="pre_code" wrap="logical"><?php echo $output; ?></textarea>
     <input type="hidden" name="code" id="code" />
     <input type="hidden" id="bt" name="bt" />
    </form>

和这个 iframe:<iframe style="background-color:#fff;" class="result_output" frameborder="0" name="view" src="tryview_sc.php">

4

1 回答 1

0

Your code is working ok for some HTML tags (e.g. <b>test</b> works fine).

Your javascript code is storing the "source code" in the value of a hidden form element. This won't work well with some characters in the source code, particularly "

You need to encode the source code in the Javascript with encodeURIComponent() then decode it in the PHP script with rawurldecode().

See here for more details: encodeURIComponent(), rawurldecode()

于 2013-11-10T09:56:28.440 回答