I am trying to submit a form with HTML data in it to my server, but it appears to be stripping it out and I cant seem to figure out why.
If I do file_get_contents("php://input") I can see my content in the raw form:
action=submit&content=%3Cp%3EAnteater+Alumni%3A+Help+current+UCI+students+reach+their+goal+of+raising+%2...registration+form%3C%2Fa%3E.%3C%2Fp%3E
But If I do print_r($_POST['content']); I see the text WITHOUT any html formatting. It is like PHP is stripping it out somehow.
I tried the following:
$data = file_get_contents("php://input");
$output = array();
parse_str($data, $output);
But this just outputs an empty array
magic_quotes_gpc is off. I have not开发者_JS百科hing else in the script modifying the content in any way.
Any ideas at all?
UPDATE: I am aware of the HTML being displayed in the browser. I am using a browser as well as curl, and dumping the content as text/plain -- the HTML formatting in the browser is not the problem.
Remember that print_r()'s output will be viewed in the browser. Unless you take special steps to handle the HTML, the browser's going to see HTML and render it as such. Unless you view the source of the page, all you'll see is the text content.
To view the uploaded HTML directly, you'd have to run it through htmlentities()/htmlspecialchars() first, which'll encode any HTML metacharacters (e.g. > to >).
As well, unless you have a special need for it, there's no reason to retrieve form submission data from php://input. That's the raw data, and most likely you'd just be parseing it anyways, which PHP has already done for you with the _GET/_POST arrays. On top of that, if the submission includes a file upload, you'll be slurping that entire file into memory, which could very well exceed your script's memory_limit and kill things right there.
There's also a note in the I/O streams PHP man page that php://input can only be read once. If your script's doing it multiple times, the second and subsequent reads will get a null.
Are you using a Framework? Check nothing is iterating through the array beforehand ie.
foreach ($_POST as $key=>$val)
{
$_POST[$key] = strip_tags($val);
}
also check you've not got any defunct mod_security rules enabled (http://www.modsecurity.org/) of course that depends on if you're using mod_sec!
try doing this
echo '<pre>';
print_r($_REQUEST);
echo '</pre>';
and
foreach ($_POST as $key=>$val)
{
echo $key .' = '. htmlentities($val) . '<br />';
}
just to make double check you're not missing something :)
EDIT: try this:
foreach ($_REQUEST as $key=>$val)
{
echo $key .' = '. htmlentities($val) . '<br />';
}
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论