DamienRoche Posted September 13, 2008 Share Posted September 13, 2008 I have a nifty little script that reads a text file and outputs it into a html page. All html tags are active as I do not use htmlentities(); The problem here is that it seems to escape " or ' example: $text1b2 = "<span style='font-size:25px;'>HELLO</span>"; echo "<textarea name='text1' style='width:800px;height:400px;'>$text1b2</textarea>"; Now that works as it should. But if I put that create the variable from a file, it outputs: HELLO. and the file reads <span style=\'font-size:25px;\'>HELLO</span> No tags, nothing else. Even though it's escaping the ' around the tags. So it's rendering them to an extent. Here's is the fread, fwrite, fopen I use: TO SAVE: $text1b1 = fopen("text1.txt","w"); fwrite($text1b1, "$text1") or die ("there was an error writing to the file!"); fclose($text1b1) or die ("there was an error"); TO RECALL: $text1b1 = fopen("text1.txt","r"); $text1b2 = fread($text1b1, filesize("text1.txt")); fclose($text1b1); Anyone got any ideas how I can work around this? Thanks. Link to comment https://forums.phpfreaks.com/topic/124045-fread-and-fwrite-escaping-and/ Share on other sites More sharing options...
DamienRoche Posted September 13, 2008 Author Share Posted September 13, 2008 I am seriously handicapped. I don't know why I thought fread and write were the problem. The problem is that I am filling the variable with data from a textarea through a form. I can pass it quite happily pass a html string through session variables without any escaping. But now is the other problem: How do I pass the text in a textarea (with id) into a session variable on a form submit without it escaping any special characters? Link to comment https://forums.phpfreaks.com/topic/124045-fread-and-fwrite-escaping-and/#findComment-640386 Share on other sites More sharing options...
PFMaBiSmAd Posted September 13, 2008 Share Posted September 13, 2008 In the early days of php a lot of (un)helpful features were put in (in an effort to make the core language do things that the programmer should have been doing and only when he wanted them to be done). These were supposed to make the language easier to use, but all of them have proved to be problems and to waste both programmer's time and processing cycles. Data (from forms, urls, cookies, databases, and files) is escaped by the magic_quotes settings (which have been removed in upcoming php6 because of the problems and wasted time they causes and because they don't escape all the special characters they need to) - http://php.net/magic_quotes Link to comment https://forums.phpfreaks.com/topic/124045-fread-and-fwrite-escaping-and/#findComment-640403 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.