我试图在fancybox3的data-caption属性中动态显示我的图像信息。这是很长的,我不确定如何改变它,所以它不是可怕的。具体问题是,当它从mysql数据库中获取可能包含特殊字符的信息时,比如'或'数据标题认为它被关闭时,这不是我想要的。
我已经尝试将非常长的echo语句分成多个,但这并没有改变任何东西。我试图为数据标题附加字符串,“。$ var。”那没用。我尝试在变量声明期间使用mysqli_real_escape(),并且在尝试输出数据库信息时不会更改功能。
<table style="margin:1em auto;">
<?php
// require_once('DB_connection.php');
$j = 0;
while ($fetch_all_posts = mysqli_fetch_assoc($all_posts)) {
if ($j % 3 == 0) {
echo "<tr>";
}
$getUser = $fetch_all_posts['userName'];
$getPostID = $fetch_all_posts['postID'];
$getDateUploaded = $fetch_all_posts['dateUploaded'];
$getImg = $fetch_all_posts['img']; //dont really need
$getLocation = mysqli_real_escape_string($connection,$fetch_all_posts['location']);
$getCaption = mysqli_real_escape_string($connection,$fetch_all_posts['caption']);
$getImageMetadata = mysqli_real_escape_string($connection,$fetch_all_posts['imageMetadata']);
$getCameraGearPost = mysqli_real_escape_string($connection,$fetch_all_posts['cameraGearPost']);
$getPhotoEdit = mysqli_real_escape_string($connection,$fetch_all_posts['photoEdit']);
$getCopyright = mysqli_real_escape_string($connection,$fetch_all_posts['copyright']);
//grab user profile pic from user table
$sql_profilePic = "SELECT * FROM $dbtableUser WHERE userName = '$getUser' ";
$all_users = mysqli_query($connection, $sql_profilePic);
$fetch_all_users = mysqli_fetch_assoc($all_users);
//change data caption's userName link also incorrectly interprets ' " for datacaption
echo "<td><br/><br/><br/><br/><a data-fancybox='images' data-caption= '<h1><a href=Profile.php><img id=profpic src=$fetch_all_users[profilePic] height=auto width=100px> $getUser</a></h1> <br/> <h5>@$getLocation</h5> <hr/> <br/> <h5>$getCaption</h5> <br/> <h5>$getImageMetadata</h5> <br/> <h5>$getCameraGearPost</h5> <br/><h5>$getPhotoEdit<h5> <br/><br/><br/> <h6>PostID: $getPostID </h6> <br/>Copyrighted: $getCopyright <br/> $getDateUploaded <br/>' href ='$getImg'> <img id=postPics src='$getImg' alt='$getCaption'</a> </td>";
if ($j % 3 == 2) {
echo "</tr>";
}
$j++;
}
?>
</table>
我希望点击图像后,它会使用特殊字符恰当地显示数据标题。
这个链接,https://ibb.co/QK3Nkfw,显示当前页面的样子,第一个图像是问题,我希望它像其余的一样。点击图像后,它应显示如下数据:https://ibb.co/qnTJYf3
htmlspecialchars()
是答案https://www.php.net/manual/en/function.htmlspecialchars.php
另外,学会调试你的代码 - 如果你使用开发人员工具检查生成的html代码,我可以保证你会看到你的html被破坏(由于未转义的字符)