這裏是我的代碼用htmlspecialchars()或ヶ輛()不工作
$currentPage = SITE_URL.'/'.basename($_SERVER['PHP_SELF'])."?".substr($tail,1);
//For example a URL 'http://php.net/docs.php
'
$currentPage = htmlspecialchars($currentPage);
//$currentPage = htmlentities($currentPage);
//I was hoping for a output like this 'http%3A%2F%2Fphp.net%2Fdocs.php '
echo $currentPage; //but I get http://php.net/docs.php again
我得到完全相同的輸出與輸入
使用$ _SERVER ['SCRIPT_NAME']而不是$ _SERVER ['PHP_SELF']。可以通過轉到/index.php/someotherpage.php來欺騙$ _SERVER ['PHP_SELF']。除此之外,其他人說了些什麼。 – igorw 2011-02-03 14:09:21