escaping

问题 I'm using regex pattern matching for HTML5 form validation. The latest version of Firefox gives me an error. I only started seeing this in Firefox 46. I don't think this was a problem in earlier Firefox versions. Unable to check <input pattern='[\@\%]'> because the pattern is not a valid regexp: invalid identity escape in regular expression Caused by this very simple test case: <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> </head> <form> <input pattern="[\@\%]"> </form> </html> Why is

问题 I tried building a set of arguments in a variable and passing that to a script but the behavior different from what I expected. test.sh #!/bin/bash for var in "$@"; do echo "$var" done input usr@host$ ARGS="-a \"arg one\" -b \"arg two\"" usr@host$ ./test.sh $ARGS output -a "arg one" -b "arg two" expected -a arg one -b arg two Note if you pass the quoted arguments directly to the script it works. I also can work around this with eval but I wanted to understand why the first approach failed.

问题 I just tested the backspace escape as follows: System.out.println("Hello\b"); I expected to get the output: Hell But it was: "Hello" with a square block anyone knows how java handle this? 回答1: Java doesn't 'handle' that character at all. All it knows about is a byte stream onto which the OS says it can write bytes, and it will happily write bytes into it, including an ASCII backspace. What happens when the stream receives that character has nothing whatsoever to do with Java, it is totally

问题 (NOTE: This question is not about escaping queries, it's about escaping results) I'm using GROUP_CONCAT to combine multiple rows into a comma delimited list. For example, assume I have the two (example) tables: CREATE TABLE IF NOT EXISTS `Comment` ( `id` int(11) unsigned NOT NULL auto_increment, `post_id` int(11) unsigned NOT NULL, `name` varchar(255) collate utf8_unicode_ci NOT NULL, `comment` varchar(255) collate utf8_unicode_ci NOT NULL, PRIMARY KEY (`id`), KEY `post_id` (`post_id`) )

问题 This question already has answers here : Closed 7 years ago . Possible Duplicate: JSON: why are forward slashes escaped? json.org states, that forward slashes (aka solidus, / ) can be escaped: "\/" However, unescaped slashes are valid, too: "/" What's the rational behind this? Does it come from the Javascript roots? (I.e., "</script>" is a problem in browser-based Javascript, see Douglas Crockford's comment) Or has it any other reason? 回答1: I've just published a review of this issue on my

问题 I need to parse the $PATH environment variable in my application. So I was wondering what escape characters would be valid in $PATH . I created a test directory called /bin:d and created a test script called funny inside it. It runs if I call it with an absolute path. I just can't figure out how to escape : in $PATH I tried escaping the colon with \ and wrapping it into single ' and double " quotes. But always when I run which funny it can't find it. I'm running CentOS 6. 回答1: This is

问题 If I'm in an RHTML view in Rails, it is easy to URL-escape something: <a href="/redirect?href=<%=u target %>">Foo</a> How do I do this in a string? I'd like to do something like this: <% redirect_href = "/redirect?#{url_escape target}&foo=bar&baz=some_other_stuff" -%> <a href="<%= redirect_href =>">Foo</a> This must be trivial, right? 回答1: CGI.escape will do it: <% redirect_href = "/redirect?#{CGI.escape target}&foo=bar&baz=some_other_stuff" -%> <a href="<%= redirect_href =>">Foo</a> 回答2:

问题 Can someone explain what is the difference between using mysql_real_escape_string on a string or wrapping `` around the column. For example "insert into table (``column``) values ('$string')" or $escapestring = mysql_real_escape_string($string); "insert into table (column) values ('$escapedstring')" What is the difference between these two and what should I use? Thanks. 回答1: There's a difference between the backtick ` and the single quote ' . The backtick is intended to escape table and field

问题 My server admin recently upgraded to PHP 5.3 and I'm getting a weird "bug" (or feature, as the PHP folks have it). I had mysql_real_escape_string around most of my string form data for obvious safety reasons, but now it seems this escaping is already done by PHP. <?php echo $_GET["escaped"]; ?> <form method="get"> <input type="text" name="escaped" /> </form> This outputs, if I enter for instance escape 'this test' , escape \'this test\' . Same goes if I use POST instead of GET . Is it

问题 i have an input element with & in value: <input type="checkbox" value="Biografie, životopisy, osudy, Domácí rock&pop" /> When i try sending it through an ajax request: $.ajax({ type: "POST", url: "/admin/kategorie/add/link.json", data: "id="+id+"&value="+value+"&type="+type, error: function(){alert('Chyba! Reloadněte prosím stránku.');} }); the post data that actually gets sent is: id: 1 pop: type: e value: Biografie, životopisy, osudy, Domácí rock *Note that all the variables in data are