我的html表单有几个输入文本字段,它们可能会从中文,日文,欧洲文字,特殊字符(如英文等)中获取字符。因此,总之,unicode字符。在html表单提交中处理UTF字符
要在服务器端处理这些值(使用php),我可以假设所有默认浏览器都在表单提交时以UTF-8格式对这些字符进行编码。
还是有办法告诉浏览器总是提交这些字符为UTF8编码,以便我们可以使用utf8_decode来处理这些值?
谢谢。
我的html表单有几个输入文本字段,它们可能会从中文,日文,欧洲文字,特殊字符(如英文等)中获取字符。因此,总之,unicode字符。在html表单提交中处理UTF字符
要在服务器端处理这些值(使用php),我可以假设所有默认浏览器都在表单提交时以UTF-8格式对这些字符进行编码。
还是有办法告诉浏览器总是提交这些字符为UTF8编码,以便我们可以使用utf8_decode来处理这些值?
谢谢。
在输出HTML之前设置表单页面的字符编码。
header('Content-Type: text/html; charset=utf-8');
摘自here
/**
* @usage $var = $this->clean__makesafe_value($var, array("urldecode"), true);
* OR $this->clean__makesafe_value($var, array("urldecode"));
*/
Class Input
{
/**
* Makesafe
*
* @param mixed REFERENCE: Data to make safe
* @param string KEY [used as parameter-2 in the callback function of array_walk()
* @param array Additional functions to filter the value through, prior to cleaning
* @return mixed VOID if $_output_flag = false; MIXED otherwise.
*/
private function _clean__makesafe (&$val, $key, $filters = array())
{
if ($val === '') // Literally empty string, integer 0 excluded
{
return true;
}
# Let's apply additional functions, if any, to clean further
if (isset($filters) and is_array($filters) and count($filters))
{
foreach($filters as $_filter)
{
if (is_array($_filter) and is_object($_filter[0]) and method_exists($_filter[0], $_filter[1]))
{
$val = &$_filter[0]->$_filter[1]($val);
}
elseif (function_exists($_filter))
{
$val = $_filter($val);
}
else
{
throw new Exception ("Parameter-2 of Input::_clean__makesafe() must be a valid function/method callback!");
}
}
}
$val = trim($val);
// $val = $this->clean__stripslashes($val);
$val = str_replace(" " , " " , $val);
$val = $this->clean__control_characters($val);
# Convert all carriage return combos
$val = str_replace(array('\r\n', '\n\r', '\r'), "\n", $val);
# Continue with cleaning...
$val = str_replace("&" , "&" , $val);
$val = str_replace("<!--" , "<!--" , $val);
$val = str_replace("-->" , "-->" , $val);
$val = preg_replace("/<script/i" , "<script" , $val);
$val = str_replace(">" , ">" , $val);
$val = str_replace("<" , "<" , $val);
$val = str_replace('"' , """ , $val);
$val = str_replace('\n' , "<br />" , $val); // Convert literal newlines
$val = str_replace('$' , "$" , $val);
$val = str_replace("!" , "!" , $val);
$val = str_replace("'" , "'" , $val); // IMPORTANT: It helps to increase sql query safety.
# Convert HTML entities into friendly versions of them
$_list_of_html_entities__from = array(" ","¡","¢","£","¤","¥","¦","§","¨","©","ª","«","¬","­","®","¯","°","±","²","³","´","µ","¶","·","¸","¹","º","»","¼","½","¾","¿","À","Á","Â","Ã","Ä","Å","Æ","Ç","È","É","Ê","Ë","Ì","Í","Î","Ï","Ð","Ñ","Ò","Ó","Ô","Õ","Ö","×","Ø","Ù","Ú","Û","Ü","Ý","Þ","ß","à","á","â","ã","ä","å","æ","ç","è","é","ê","ë","ì","í","î","ï","ð","ñ","ò","ó","ô","õ","ö","÷","ø","ù","ú","û","ü","ý","þ","ÿ","ƒ","Α","Β","Γ","Δ","Ε","Ζ","Η","Θ","Ι","Κ","Λ","Μ","Ν","Ξ","Ο","Π","Ρ","Σ","Τ","Υ","Φ","Χ","Ψ","Ω","α","β","γ","δ","ε","ζ","η","θ","ι","κ","λ","μ","ν","ξ","ο","π","ρ","ς","σ","τ","υ","φ","χ","ψ","ω","ϑ","ϒ","ϖ","•","…","′","″","‾","⁄","℘","ℑ","ℜ","™","ℵ","←","↑","→","↓","↔","↵","⇐","⇑","⇒","⇓","⇔","∀","∂","∃","∅","∇","∈","∉","∋","∏","∑","−","∗","√","∝","∞","∠","∧","∨","∩","∪","∫","∴","∼","≅","≈","≠","≡","≤","≥","⊂","⊃","⊄","⊆","⊇","⊕","⊗","⊥","⋅","⌈","⌉","⌊","⌋","〈","〉","◊","♠","♣","♥","♦",""","&","<",">","Œ","œ","Š","š","Ÿ","ˆ","˜"," "," "," ","‌","‍","‎","‏","–","—","‘","’","‚","“","”","„","†","‡","‰","‹","›","€");
$_list_of_html_entities__to = array(" ","¡","¢","£","¤","¥","¦","§","¨","©","ª","«","¬","­","®","¯","°","±","²","³","´","µ","¶","·","¸","¹","º","»","¼","½","¾","¿","À","Á","Â","Ã","Ä","Å","Æ","Ç","È","É","Ê","Ë","Ì","Í","Î","Ï","Ð","Ñ","Ò","Ó","Ô","Õ","Ö","×","Ø","Ù","Ú","Û","Ü","Ý","Þ","ß","à","á","â","ã","ä","å","æ","ç","è","é","ê","ë","ì","í","î","ï","ð","ñ","ò","ó","ô","õ","ö","÷","ø","ù","ú","û","ü","ý","þ","ÿ","ƒ","Α","Β","Γ","Δ","Ε","Ζ","Η","Θ","Ι","Κ","Λ","Μ","Ν","Ξ","Ο","Π","Ρ","Σ","Τ","Υ","Φ","Χ","Ψ","Ω","α","β","γ","δ","ε","ζ","η","θ","ι","κ","λ","μ","ν","ξ","ο","π","ρ","ς","σ","τ","υ","φ","χ","ψ","ω","ϑ","ϒ","ϖ","•","…","′","″","‾","⁄","℘","ℑ","ℜ","™","ℵ","←","↑","→","↓","↔","↵","⇐","⇑","⇒","⇓","⇔","∀","∂","∃","∅","∇","∈","∉","∋","∏","∑","−","∗","√","∝","∞","∠","∧","∨","∩","∪","∫","∴","∼","≅","≈","≠","≡","≤","≥","⊂","⊃","⊄","⊆","⊇","⊕","⊗","⊥","⋅","⌈","⌉","⌊","⌋","⟨","⟩","◊","♠","♣","♥","♦",""","&","<",">","Œ","œ","Š","š","Ÿ","ˆ","˜"," "," "," ","‌","‍","‎","‏","–","—","‘","’","‚","“","”","„","†","‡","‰","‹","›","€");
$val = str_replace($_list_of_html_entities__from , $_list_of_html_entities__to , $val);
# Ensure unicode chars are OK
$val = preg_replace("/&(#[0-9]+|[a-z]+);/s", "&\\1;", $val);
# Try and fix up HTML entities with missing ;
$val = preg_replace("/&#(\d+?)([^\d;])/i", "&#\\1;\\2", $val);
return true;
}
/**
* WRAPPER for clean__makesafe(): Clean's incoming values (usually _GET, _POST)
*
* @param mixed REF: Mixed value to parse
* @param array Additional functions to filter the value through, prior to cleaning
* @param boolean Whether to return the result or not, defaults to FALSE
* @return mixed MIXED Cleaned value if output_flag is set on; BOOLEAN otherwise
*/
public function clean__makesafe_value (&$val, $filters = array(), $do_output = false)
{
# If its an array, 'walk-through-it' recursively with Input::_clean__makesafe() ...
if (is_array($val))
{
array_walk_recursive($val, array($this, "_clean__makesafe"), $filters);
}
# ... otherwise, just apply Input::clean__makesafe() to it.
else
{
$this->_clean__makesafe($val, null, $filters);
}
# If explicit return is requested, comply - otherwise go Boolean.
if ($do_output)
{
return $val;
}
return true;
}
}
对于提交您的内容类型的数据编码
XML HTTP请求可以在发送UTF-8字符集
的方式提交表单的UTF-8通过XML HTTP请求发送它或在您的站点中使用UTF-8字符集
始终尽可能地清理您的数据,使其成为web-fr尽可能地。不要低估这一点,你将完全控制你的数据。 – 2011-02-28 22:40:59