Jump to content

[SOLVED] Outputting Content Of A Database Correctly.

Vermillion

By Vermillion
in PHP Coding Help

Recommended Posts

Vermillion Member

Vermillion

Posted
Posted

Okay yeah, so I have my news system, and news system has a script so I can edit the news.

 

The script looks like this:

 

<?php

//Script to update news after submission.

session_start();

include "../../includes/dbdetails.php";
mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db($dbactual);
$id = $_SESSION['id'];
$query = "SELECT * FROM access WHERE user_id = '$id' AND level = 8";
$result = mysql_query($query);
$num = mysql_num_rows($result);

if($num < 1){

echo "<strong>Hacking Attempt. Your IP and username have been logged.</strong>";
return 0;

}

include "../../includes/dbdetails.php";

$title = $_POST['title'];
$body = $_POST['body'];
$id = $_GET['id'];

mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db($dbactual);

$query = "UPDATE news SET title = '$title' WHERE id = '$id'";
mysql_query($query);

$query = "UPDATE news SET body = '$body' WHERE id = '$id'";
mysql_query($query);

mysql_close();

header("location:". "index.php");

?>

 

This is the script that adds the news:

 

<?php

##################################################################
#                SCRIPT: Add News                                #
#                SCRIPT NAME: addnews.php                        #
#                AUTHOR: Andrés Ibañez | Vermillion              #
##################################################################

require "../../includes/dbdetails.php";

$title = $_POST['title'];
$body = $_POST['body'];
$date = date("Y-m-d");
$time = date("G:i A");

mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db("vghack");

$body = nl2br($body);
$body = mysql_real_escape_string($body);
$title = mysql_real_escape_string($title);

$query = "INSERT INTO news(title, body,time,date) VALUES('$title','$body','$time','$date')";

mysql_query($query);

header("location:".$_SERVER['HTTP_REFERER']);

?>

 

Thing is, when I am editing one, the content is not displayed properly in the edit window.

 

This is what is outputted. Notice that the script displays all the line break tags.

akitchin Regular Member

akitchin

Posted
Posted

i would imagine it's because you've still got entries in the database that have stored br tags.  your other option is simply to strip the br tags out of the content when putting it into the editor:

 

$body = str_replace('<br />', '', $row['body']);

 

but nl2br() also places carriage returns and newlines after the br tags, so you'll end up with double spaces regardless.  again, your best bet is to start fresh with a new set of entries that don't store the br tags directly, and simply convert them when outputting to the browser.

Vermillion Member

Vermillion

Posted
  • Author
Posted

Output Script:

 

<?php

include "../../includes/dbdetails.php"; //Include database details.

mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db($dbactual);

$id = $_GET['id'];
$query = "SELECT * FROM news WHERE id = '$id'";
$result = mysql_query($query);
$rows = mysql_fetch_array($result);

$title = $rows['title'];
$body = nl2br(stripslashes($rows['body']));

echo "<form method=\"post\" action=\"editednews.php?id={$id} \">";
echo "<input type=\"text\" name=\"title\" value=\"$title\" /><br />";
echo "<textarea name=\"body\" cols=\"80\" rows=\"20\">$body</textarea><br />";
echo "<input type=\"submit\" value=\"Submit\" />";
echo "</form>";

?>

 

Input Script:

 

<?php

##################################################################
#                SCRIPT: Add News                                #
#                SCRIPT NAME: addnews.php                        #
#                AUTHOR: Andrés Ibañez | Vermillion              #
##################################################################

require "../../includes/dbdetails.php";

$title = $_POST['title'];
$body = $_POST['body'];
$date = date("Y-m-d");
$time = date("G:i A");

mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db("vghack");

$body = mysql_real_escape_string($body);
$title = mysql_real_escape_string($title);

$query = "INSERT INTO news(title, body,time,date) VALUES('$title','$body','$time','$date')";

mysql_query($query);

header("location:".$_SERVER['HTTP_REFERER']);

?>

 

Optionally, this is the script with a little preview:

 

<?php

require "../../includes/dbdetails.php";

mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db("vghack");

$query = "SELECT * FROM news ORDER BY time DESC, date DESC";
$result = mysql_query($query);
$num = mysql_num_rows($result);
$i = 0;

echo "<form method=\"post\" action=\"deletenews.php\">";

while($i < $num){

$id = mysql_result($result,$i,"id");
$title = mysql_result($result,$i,"title");
$body = mysql_result($result,$i,"body");
$date = mysql_result($result,$i,"date");
$time = mysql_result($result,$i,"time");

echo "<table class=\"newstitle\" onclick=\"toggleItem('_$id')\" width=\"100%\"><tr><td width=\"50%\">$title</td><td align=\"right\" width=\"100%\">$date at $time</td></tr></table>";

echo "<a href=\"deletenews.php?id=$id\" class=\"small_link\">Delete</a> - <a href=\"editnews.php?id=$id\" class=\"small_link\">Edit</a> - <input type=\"checkbox\" name=\"news_id[]\" value=\"$id\" />";

echo "<div class=\"bodynews\" id=\"_$id\" style=\"display:none;\">$body</div>";

$i++;

}

echo "<br /><br />";
echo "<input type=\"submit\" value=\"Delete Selected\" />";
echo "</form>";

?>

 

I will use the second option if I really can't figure it out.

 

Still not working =(.

akitchin Regular Member

akitchin

Posted
Posted

the issue with your output script is that you're still running nl2br() on the body before putting it into a textarea.  there's no point in doing this - textareas automatically and properly format carriage returns and linebreaks.  when i say use nl2br() on the output, i mean when you're actually displaying the final text to users, not editing it in a textarea.

 

another note - you don't need to use GET to send the id in the form.  simply putting in a hidden input with the name "id" allows you to use POST the entire way through the processing.

Vermillion Member

Vermillion

Posted
  • Author
Posted

Oh, it is properly displayed to the users. I need it to display it properly to me for when I edit it. You know, like when you edit a post in a forum, you don't see all the tags in the text area, you see the linebreaks.

 

And thanks about the second tip, I will see how I do about that.

akitchin Regular Member

akitchin

Posted
Posted

change this (from the first script you posted):

 

$body = nl2br(stripslashes($rows['body']));

 

to:

 

$body = stripslashes($rows['body']);

 

and it should display in your editing form without br tags, unless the tags are stored in the database from their initial insertion.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.