这里是我的代码用htmlspecialchars()或ヶ辆()不工作
$currentPage = SITE_URL.'/'.basename($_SERVER['PHP_SELF'])."?".substr($tail,1);
//For example a URL 'http://php.net/docs.php
'
$currentPage = htmlspecialchars($currentPage);
//$currentPage = htmlentities($currentPage);
//I was hoping for a output like this 'http%3A%2F%2Fphp.net%2Fdocs.php '
echo $currentPage; //but I get http://php.net/docs.php again
我得到完全相同的输出与输入
使用$ _SERVER ['SCRIPT_NAME']而不是$ _SERVER ['PHP_SELF']。可以通过转到/index.php/someotherpage.php来欺骗$ _SERVER ['PHP_SELF']。除此之外,其他人说了些什么。 – igorw 2011-02-03 14:09:21