我有一个有趣的问题。下面的代码取$_POST['content']和$_POST['page']。我试图写的"内容"是"HTML"(见下文),然而,实际上正在写的内容是
<footer>
<div class="grid_16">
<div class="wrapper">
<span class="right"><!-- {%FOOTER_LINK} --></span>
即:大部分内容缺失。
如有指导,不胜感激
<?php
if (!$_POST['content'] && !$_POST['page'])
return false;
$content = $_POST['content'];
$page = $_POST['page'];
$fp = fopen('content/'.$page, 'w');
fwrite($fp, htmlspecialchars($content));
fclose($fp);
?>
$_POST['content'] is:
<footer>
<div class="grid_16">
<div class="wrapper">
<span class="right"><!-- {%FOOTER_LINK} --></span> l
la-panacee © 2013 |
<a href="privacyStatement.php">Privacy policy</a>
</div>
</div>
</footer>
截短HTML的原因可能是$_POST变量中存在未编码的&符号。
RFC 2396:统一资源标识符(URI):通用语法
2.2. Reserved Characters
Many URI include components consisting of or delimited by, certain
special characters. These characters are called "reserved", since
their usage within the URI component is limited to their reserved
purpose. If the data for a URI component would conflict with the
reserved purpose, then the conflicting data must be escaped before
forming the URI.
reserved = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "+" |
"$" | ","
The "reserved" syntax class above refers to those characters that are
allowed within a URI, but which may not be allowed within a
particular component of the generic URI syntax; they are used as
delimiters of the components described in Section 3.