dkindler Posted January 23, 2009 Share Posted January 23, 2009 I have the following form that is self-calling that needs to be able to handle special characters like ' or ". Not sure what the right combination of htmlspecialchars or urlencode is to get this to work properly. Any help would be greatly appreciated! Thanks, David <form action="mini_banner.php" method="get"> <table> <tr> <td colspan="5"> <input type="text" name="text1" style="width: 185px; height:17px;" value="<?php echo $_GET[text1]; ?>" /> </textarea> </td> </tr> </table> <input type="submit" value="Create banners" /> </form> <table cellpadding="10"> <?php if ($_GET[text1]) { $text1=$_GET[text1]; echo "<tr><td><IMG src='mini_off.php?text1=$text1'></td></tr>"; } ?> </table> Quote Link to comment Share on other sites More sharing options...
haku Posted January 24, 2009 Share Posted January 24, 2009 What exactly is the problem? Quote Link to comment Share on other sites More sharing options...
dkindler Posted January 24, 2009 Author Share Posted January 24, 2009 Special characters like single and double quotes are not handled properly. Not sure how to handle these characters when passing to the other file that creates the banner image. Quote Link to comment Share on other sites More sharing options...
haku Posted January 24, 2009 Share Posted January 24, 2009 Dude, you are going to have to be more specific than 'not handled properly' if you want help. The amount of help you receive is directly proportional to the amount of information you give when asking for help. You should: 1) State what you want to happen. 2) State what is happening 3) State what you have tried that failed 4) Give code 5) Give a link to code in action For each one of these that you leave out, you cut your chances of getting help significantly. So far you have done number 4 only. Quote Link to comment Share on other sites More sharing options...
dkindler Posted January 24, 2009 Author Share Posted January 24, 2009 Hi Haku, thanks for your help. The application is a web page that creates a simple banner using the GD library. It accepts some text, calls itself and runs the banner creating program (mini_off.php). When the page is loaded it checks if the form variable has been submitted (text1), if so, it runs mini_off.php and the image appears and the text is also redisplayed in the input textarea, in case the user wants to make any changes. here is the basic code for mini_on.php <?php header('Content-type: image/gif'); session_cache_limiter('public'); // Create the image $imgname1 = 'mini_banner_on.gif'; $im1 = @imagecreatefromgif($imgname1); $gel = imagecolorallocate($im1, 36, 35, 35); imagefilledrectangle($im1, 200, 1, 209, 64, $gel); $grey1 = imagecolorallocate($im1, 101, 118, 131); // The text to draw $text1 = $_GET[text1]; // Replace path by your own font path $font1 = 'HelvNeue_reg1.ttf'; // Add the text imagettftext($im1, 10.5, 0, 16, 23, $grey1, $font1, $text1); imagegif($im1); imagedestroy($im1); ? This runs fine if the text inputed has no special characters. If a single quote is entered, for example, the quote is replaced with 2 forward slashes and the input text area on the form also gets a forward slash in front of the quote since it is calling itself. I have tried using htmlspecialchars when calling mini_on.php and using various combinations of urlencode and urldecode to get both the form text input value and the banner text to show up properly and I cannot get it to work. I think if I were to separate the pages and have the form call another page that might work better but I want to keep it this way in case the banner text is incorrect the user can make a quick change. I can not provide a link to the code in action because it is on an internal site behind a firewall. thanks again for any help you can provide. Quote Link to comment Share on other sites More sharing options...
haku Posted January 24, 2009 Share Posted January 24, 2009 Can you give us the HTML form as well? I'm guessing the method of the form is set to get - have you tried setting it to post? By setting it to get, the text is passed in the URL, and I suspect that it is automatically URL encoded. But I'm half guessing here, it will be easier to understand if you can show us the rest of your code. Quote Link to comment Share on other sites More sharing options...
dkindler Posted January 24, 2009 Author Share Posted January 24, 2009 Hi Haku, All the code is already presented in separate posts. Here is all of it: Main page: mini_banner.php <form action="mini_banner.php" method="get"> <table> <tr> <td colspan="5"> <input type="text" name="text1" style="width: 185px; height:17px;" value="<?php echo $_GET[text1]; ?>" /> </textarea> </td> </tr> </table> <input type="submit" value="Create banners" /> </form> <table cellpadding="10"> <?php if ($_GET[text1]) { $text1=$_GET[text1]; echo "<tr><td><IMG src='mini_off.php?text1=$text1'></td></tr>"; } ?> </table> Graphic banner program: <?php header('Content-type: image/gif'); session_cache_limiter('public'); // Create the image $imgname1 = 'mini_banner_on.gif'; $im1 = @imagecreatefromgif($imgname1); $gel = imagecolorallocate($im1, 36, 35, 35); imagefilledrectangle($im1, 200, 1, 209, 64, $gel); $grey1 = imagecolorallocate($im1, 101, 118, 131); // The text to draw $text1 = $_GET[text1]; // Replace path by your own font path $font1 = 'HelvNeue_reg1.ttf'; // Add the text imagettftext($im1, 10.5, 0, 16, 23, $grey1, $font1, $text1); imagegif($im1); imagedestroy($im1); ?> I tried using post instead of get. That made it worse. Seems like the text is not being passed at all, although I am not sure why. Thanks. Quote Link to comment Share on other sites More sharing options...
haku Posted January 25, 2009 Share Posted January 25, 2009 I have a couple ideas on your problem. Not 100% sure of which one it is. I think that it's probably using get. The reason post didn't work is because you were using $_POST[text1] instead of $_POST['text1'] (I'm making some assumptions here). If you use post, nothing is encoded, and it should work fine. It may also be because you are setting the header at the top of your script. Quote Link to comment Share on other sites More sharing options...
Sudden Posted January 27, 2009 Share Posted January 27, 2009 Also the function: htmlspecialchars(); might help him handle the ' and ". It reads predefined php characters and turns them into HTML entities. Quote Link to comment Share on other sites More sharing options...
BioBob Posted January 29, 2009 Share Posted January 29, 2009 wrong usage of htmlspecialchars htmlspecialchars($var,ENT_NOQUOTES,ISO-8859-1); then it wont do anything to your quotes. http://us2.php.net/htmlspecialchars The optional second argument, quote_style , tells the function what to do with single and double quote characters. The default mode, ENT_COMPAT, is the backwards compatible mode which only translates the double-quote character and leaves the single-quote untranslated. If ENT_QUOTES is set, both single and double quotes are translated and if ENT_NOQUOTES is set neither single nor double quotes are translated. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.