Jump to content

function won't clear the html from string

EchoFool

By EchoFool
in PHP Coding Help

 Share

Recommended Posts

EchoFool Advanced Member

EchoFool

Posted
Posted

I have a problem with my messages system where by if a user types in html in the block of text the reciever sees it as if its a page layout.. how do i stop that from happening?

 

I currently have this before it goes into query:

 

<?php
$MessageText = mysql_real_escape_string(stripslashes($_POST['letter']));
?>

(from sender)

 

And this for when it is echo'd (The reciever reading it)

<?php
echo ucfirst(nl2br(stripslashes($MessageText)));
?>

 

Also tried:

<?php
echo ucfirst(stripslashes(nl2br($MessageText)));
?>

 

Neither worked...

Suggestions?

EchoFool Advanced Member

EchoFool

Posted
  • Author
Posted

Hang on this can't work as i call a div when some one

some one so now the message shows:

 

 

<div class='quotetop'>QUOTE <span class=PositiveMoney> </span></div><div class='quotemain'><span class=NegativeMoney>Should not be red</span></div>

 

Is there a way to give exceptions? Or to stop it on input rather than output?

EchoFool Advanced Member

EchoFool

Posted
  • Author
Posted

Basically on output say a user put <span class=name>text</span>

 

it would take into affect if that class was a valid one. So to stop people using classes and divs i needed the function that you guys have suggested.

 

So i used it, but then forgot that if a user quotes another user.

 

The quote is constructed via "<div>" to seperate the quoted message from the actual message so people know what is being quoted. How ever with , htmlentities function it has now caused the quotes to just come out as a block of text...

 

So messages that quoted a post now just looks like:

 

<div class='quotetop'>QUOTE <span class=PositiveMoney> </span></div><div class='quotemain'><span class=NegativeMoney>Should not be red</span></div>

 

So is there a way to allow certain div's with htmlentities and not others or some method of avoiding this problem?

EchoFool Advanced Member

EchoFool

Posted
  • Author
Posted

I do have that.. if a user puts [Q] it converts to :

<div class='quotetop'>QUOTE <span class=PositiveMoney> </span></div><div class='quotemain'><span class=NegativeMoney><?=$Message?>

 

And [/Q] converts to:

</span></div>

 

 

But as you can see from above it won't allow it through.. unless im misunderstanding what you mean ?

 

 

EchoFool Advanced Member

EchoFool

Posted
  • Author
Posted

The output which has <div class  etc

 

Won't be detected as CSS or HTML because of the functions before it... so itll always come out as a block of chars and nothing else. So if i put [Q] to html ... the html will just come out as just chars .like it is already right? I can't get my head around this properly =/

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.