
var_dump or print_r and HTML encoding

    <?php
    $x = array("<b>","<i>","b","i","<h1>hello</h1>");
    print_r ($x);
    echo "<hr>";
    var_dump ($x);

outputs this to the html source!

 Array ( [0] => <b> [1] => <i> [2] => b [3] => i [4] => <h1>hello</h1> ) <hr>array(5) { [0]=> string(3) "<b>" [1]=> string(3) "<i>" [2]=> string(1) "b" [3]=> string(1) "i" [4]=> string(14) "<h1>hello</h1>" } 

Obviously I could be XSS'ed by this!
How can I make sure the values of the array are HTML-encoded?

+7
source
8 answers

I found that knittl's code is not working. I had to make small changes to make it work, as follows:

 array_walk_recursive($inputarray, function(&$v) { $v = htmlspecialchars($v); }); 

Now this works fine in PHP 5.3+.

+9
source

Although this question has an accepted answer, I think David Morrow's answer is the best / easiest / most practical (uses the print_r true flag):

 echo "<pre>".htmlentities(print_r($some_array, true))."</pre>"; 

However, here is another solution using output buffering:

    <?php
    ob_start();
    print_r($some_array);
    $buffer = ob_get_clean();
    echo "<pre>".htmlentities($buffer)."</pre>";
    ?>
+18
source

Or you can just save the print_r output in a string and then print it, by specifying the second parameter as true.

    $arr = array('<script>alert("hey");</script>');
    $str = print_r($arr, true);
    echo htmlentities($str);

outputs:

 Array ( [0] => <script>alert("hey");</script> ) 

script is not executed

+7
source

A simple solution would be to use array_walk_recursive :

 array_walk_recursive($inputarray, function(&$v) { $v = htmlspecialchars($v); }); 
+5
source

The function that works for me is described in this comment on PHP.

Its function, replacing var_dump, is implemented as:

    function htmlvardump() {
        ob_start();
        $var = func_get_args();
        call_user_func_array('var_dump', $var);
        echo htmlentities(ob_get_clean());
    }

This works for me in PHP 5.3+.

(Note that there was a typo in the original source).

+4
source

Thanks Knittl, this is what I came up with. Works the way I wanted!

    <?php
    $x = array("tag1" => "<b>","tag2" => "<i>","tag3" => "b","tag4" => "i","tag5" => "<h1>hello</h1>");
    echo "<hr><pre>";
    blp_print_r ($x);
    echo "<hr>";
    print_r($x);
    echo "</pre><hr>";

    /* outputs this in the browser normal view

       new one...
       Array ( ['tag1'] => <b> ['tag2'] => <i> ['tag3'] => b ['tag4'] => i ['tag5'] => <h1>hello</h1> )

       traditional one...
       Array ( [tag1] => [tag2] => [tag3] => b [tag4] => i [tag5] => hello )
    */

    function blp_print_r($inputarray){
        echo "Array\n(\n";
        echo "<blockquote>";
        array_walk($inputarray,"html_encoder");
        echo "</blockquote>";
        echo ")";
    }

    function html_encoder($current_val,$current_key){
        echo "['" , htmlentities($current_key, ENT_QUOTES, "UTF-8") , "']", " => ";
        echo htmlentities($current_val, ENT_QUOTES, "UTF-8") , "\n";
    }
    ?>
+1
source
    echo '<pre>';   // the opening tag must be a quoted string
    echo htmlspecialchars(print_r($key['value'], true));
    echo '</pre>';

I use this code to output an array value (contains AdSense code) from an SQL database.

+1
source

I found this page very useful, but I changed the functions to be recursive: the walker handler function checks whether the value is an array after echoing the key, and then calls the original function on that array. I think this makes it a real "htmlentity recursive function", hence the new name...

    function htmlentities_print_r( $inputarray ) {
        echo "<pre>" ;
        array_walk( $inputarray , "html_encoder" ) ;
        echo "</pre>";
    }

    function html_encoder($current_val,$current_key){
        echo "['" , htmlentities($current_key, ENT_QUOTES, "UTF-8") , "']", " => ";
        if ( is_array( $current_val ) ) {
            // Recurse through the renamed function; the snippet called
            // blp_print_r() here, which it does not define.
            htmlentities_print_r( $current_val ) ;
        } else {
            echo htmlentities($current_val, ENT_QUOTES, "UTF-8") , "\n";
        }
    }
0
source
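
An added example, not code from any of the answers above: it escapes the whole dump rather than individual values, so array keys, nested arrays and invalid UTF-8 are covered, and it compares that with the value-only array_walk_recursive approach. The helper name safe_dump(), its signature and the sample array are assumptions made for illustration; it assumes PHP 8.0+ run from the command line.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (name and signature are assumptions, not from the page):
// render print_r()/var_dump() output as inert text inside <pre>.
function safe_dump(mixed $value, bool $typed = false): string
{
    if ($typed) {
        ob_start();               // var_dump() has no "return" flag, so capture it
        var_dump($value);
        $raw = (string) ob_get_clean();
    } else {
        $raw = print_r($value, true);
    }
    // ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE keeps the dump when a
    // value holds invalid UTF-8 (otherwise htmlspecialchars() returns "").
    return '<pre>' . htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>';
}

// Constructed sample: markup in a key, in a nested value, plus non-string values.
$sample = [
    '<h1>hello</h1>' => 'markup in the key',
    'nested'         => ['<script>alert("hey");</script>', 42, null],
    'latin1'         => "caf\xE9 <b>",   // invalid as UTF-8
];

// Value-only escaping as in the array_walk_recursive answers, on a copy so the
// real data is not modified. The is_string() guard leaves ints and null alone.
$copy = $sample;
array_walk_recursive($copy, function (&$v): void {
    if (is_string($v)) {
        $v = htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
});
$valueOnly = print_r($copy, true);

// Keys are never visited by array_walk_recursive, so the key's markup survives.
echo 'raw h1 tag left in value-only dump: ';
var_dump(str_contains($valueOnly, '<h1>'));

echo 'raw h1 or script tag left in whole-dump escaping: ';
$safe = safe_dump($sample);
var_dump(str_contains($safe, '<h1>') || str_contains($safe, '<script>'));

echo $safe, "\n", safe_dump($sample, true), "\n";
```

Escaping the dump string also leaves the original array untouched, whereas array_walk_recursive on the live variable rewrites the data that later code will use.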

Source: https://habr.com/ru/post/912658/

