mprpjo Posted October 16, 2014 Share Posted October 16, 2014 help! <?php $x = array("</", "message"); echo "<pre>"; var_dump($x); $y = filter_var_array($x, FILTER_SANITIZE_SPECIAL_CHARS); echo "<pre>"; var_dump($y); ?> <!-- Output: array(2) { [0]=> string(2) " string(7) "message" } array(2) { [0]=> string(6) "</" [1]=> string(7) "message" } Is there a better approach to retain "</" in the array without hideously affecting the code? Thanks! }--> specialchar.php Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 16, 2014 Share Posted October 16, 2014 You should keep coding logic and html separate. Quote Link to comment Share on other sites More sharing options...
ginerjm Posted October 16, 2014 Share Posted October 16, 2014 Something is odd in your example. Your first output shows an element as "string(2)" but the value is simply a pair of quotes. Why do we not see a 2 char string of some kind? Then in your second output we see an element defined as "string(6)" but the value is '</' which is a 2 char string. Why? Where is the 6 char string? Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 16, 2014 Share Posted October 16, 2014 @ginerjm. The OP is seeing the results in the browser. The browser has parsed the </ as HTML this is why you only see the double quote. As for the 6 char string the </ has been html escaped to </ The actual output to the OP's code is this <pre>array(2) { [0]=> string(2) "</" [1]=> string(7) "message" } <pre>array(2) { [0]=> string(6) "</" [1]=> string(7) "message" } Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 16, 2014 Share Posted October 16, 2014 @mprpjo What is it you are trying to do? The reason for the output is because the FILTER_SANITIZE_SPECIAL_CHARS flag will HTML escape characters such as single, double quotes, angled brackets and ampersands into their ASCII counterparts. NOTE: when you post code please wrap it within tags or click the <> button in the post editor. Quote Link to comment Share on other sites More sharing options...
mprpjo Posted October 16, 2014 Author Share Posted October 16, 2014 help! <?php $x = array("</", "message"); echo "<pre>"; var_dump($x); $y = filter_var_array($x, FILTER_SANITIZE_SPECIAL_CHARS); echo "<pre>"; var_dump($y); ?> Output: array(2) { [0]=> string(2) " string(7) "message" } array(2) { [0]=> string(6) "</" [1]=> string(7) "message" } Why does array[1] park with array[0] in the first var_dump() ? Is there a better approach to retain "</" in the array and output as does the second var_dump() ? Thanks! Quote Link to comment Share on other sites More sharing options...
mprpjo Posted October 16, 2014 Author Share Posted October 16, 2014 @ginerjm. The OP is seeing the results in the browser. The browser has parsed the </ as HTML this is why you only see the double quote. As for the 6 char string the </ has been html escaped to </ The actual output to the OP's code is this <pre>array(2) { [0]=> string(2) "</" [1]=> string(7) "message" } <pre>array(2) { [0]=> string(6) "</" [1]=> string(7) "message" } The OP is seeing the results in the browser. The browser has parsed the </ as HTML this is why you only see the double quote. Is </ modifying the behaviour and assigning incorrect values to the array or retaining </ but not displaying correctly? where should I see the results that will match to yours, and also see <pre> in the output? To me, Chrome and Firefox results in the same output. Is the sanitize function correct approach to retain </ string in the array? Please suggest alternative approaches, Thanks! Quote Link to comment Share on other sites More sharing options...
Solution Ch0cu3r Posted October 16, 2014 Solution Share Posted October 16, 2014 (edited) Is </ modifying the behaviour and assigning incorrect values to the array or retaining </ but not displaying correctly? Is the sanitize function correct approach to retain </ string in the array? It has nothing to do with the array. As I said eariler the browser is seeing the </ and treating it as HTML markup, identifying it as the start of a closing HTML tag. This is why text after it it does not display. To stop the browser from treating it as HTML you need to sanitize it. As I mentioned earlier applying FILTER_SANITIZE_SPECIAL_CHARS to the array causes the < to be converted to ASCII code which is < The browser will parse the ascii code and display the < character. where should I see the results that will match to yours, and also see <pre> in the output?To me, Chrome and Firefox results in the same output. You need to Right click > View source to see the actual output. Edited October 16, 2014 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.