escaping

问题 I need to Escape a reserved word to use it as an identifier in Delphi. I thought that was accomplished by using the ampersand "&", but that doesn't seem to be working right. Any other suggestions? 回答1: I found the doc page (search for Extended Syntax ) on it, and it should be ampersand. Figured out the problem. The ampersand works for compiling and error insight, but not code completion. Good to know. I had to add an _ suffix to get code completion to work, then change it back afterwords. I

问题 I'm doing element.textContent = unescapedData to put unescaped user input on a website. Is there any way for an attacker to do something bad using this? Also, is there any way for an attacker to affect the page outside of element (meaning outside the 30rem by 3rem box) if it has the following css? max-width: 30rem; max-height: 3rem; overflow: hidden; I've thought about using weird or invalid Unicode characters, but couldn't find any information on how to accomplish this. 回答1: The relevant

问题 For a search feature I wrote a MySQL query to be executed by a PHP script. I'm not doing a fulltext search. Instead, I'm doing a search using the following method: ... WHERE field LIKE '%etc%' AND field REGEXP '[[:<:]]etc[[:>:]]' Now, my idea is to prepare these dynamic values in PHP, like: $word = '2*3%5_1^0'; // just an example $wordLike = strtr($word,array('\\'=>'\\\\','%'=>'\\%','_'=>'\\_')); // instead of my old solution: // $wordLike = preg_replace('~([%_])~', '\\\\$1', $word);

问题 I'm using a small Python script to generate some binary data that will be used in a C header. This data should be declared as a char[] , and it will be nice if it could be encoded as a string (with the pertinent escape sequences when they are not in the range of ASCII printable chars) to keep the header more compact than with a decimal or hexadecimal array encoding. The problem is that when I print the repr of a Python string, it is delimited by single quotes, and C doesn't like that. The

问题 I'm using a small Python script to generate some binary data that will be used in a C header. This data should be declared as a char[] , and it will be nice if it could be encoded as a string (with the pertinent escape sequences when they are not in the range of ASCII printable chars) to keep the header more compact than with a decimal or hexadecimal array encoding. The problem is that when I print the repr of a Python string, it is delimited by single quotes, and C doesn't like that. The

问题 The json gem does not allow for directly encoding strings to their JSON representation. I tentatively ported this PHP code: $text = json_encode($string); to this Ruby: text = string.inspect and it seemed to do the job but for some reason if the string itself contains a literal string (it's actually JS code) with newlines, these newlines \n will stay as-is \n , not be encoded to \\n . I can understand if this is the correct behaviour of #inspect , but... How does one encode a string value to

问题 I'm using the linkedin JS-API This example I'm accepting the company name from the user. So, I want to build the <script> part of the above example programmatically. This is what I've done so far, function companySearch() { var companyName = document.getElementById("companyName").value; var searchHTML = "Search Results : "; searchHTML = searchHTML + "<p> The company details are as follows"; searchHTML = searchHTML + "<script type=\"IN/CompanyProfile\" data-id=\"linkedin\" data-format=\"hover\

问题 A simple problem that I just can't find the 'right' answer too. I have a PHP script that reads people's names from a database, and display them in a table. In each row, I have hyperlinked the person's name to a JavaScript function that displays a popup with the person's name as the title - the PHP code and resulting html follows: $name = $results['name']; echo '<a href="javascript:void(0)" onclick="popup(this, '\' . $name . '\')">' . $name . '</a>'; With html: <a href="javascript:void(0)"

问题 This question already has answers here : Closed 7 years ago . Possible Duplicate: How to properly escape html form input default values in php? If I use a preset HTML input, eg: $lmao=$_POST['lmao']; echo <<<EOD <input value="{$lmao}" name="lmao" type="text"> EOD; if a " character gets into the variable, it will result in poo, and also a data loss on re-submission. I could, of course: preg_replace('/"/', '',$lmao); But what if I wanted to keep that quote? 回答1: All user-inputted data that is

问题 In the Windows command prompt, I am trying to replace the space in set string=Hello World with the string %20 . Naively trying to use the string literal %20 like this: set string=%string: =%20% results in HelloWorld20% . Trying to use the escape character ^ like this: set string=%string: =^%20% also results in HelloWorld20% . Trying to escape the % by doubling it like this: set string=%string: =%%20% results in HelloWorld%20% . I also tried to use another variable to do the replacement like