Jump to content

Debugging my strip comments form

giraffemedia

By giraffemedia
in PHP Coding Help

 Share

Recommended Posts

giraffemedia Member

giraffemedia

Posted
Posted

Hello,

 

i've put together a little page to strip html comments from a dreamweaver template that I use for putting newsletters together. It's working fine now but i'd appreciate any input on the security side of things or general comments if you have any.

 

I'm also looking to get the form to check for any comments embedded within comments to sort out any that have nested (not that they should be - but you never know) but i'm not sure on the regex for that so if anyone has any ideas that would be great.

 

Thanks

 

James

 

<? 
if (isset($_POST['submit'])) { // If the form has been submitted

$input_string = stripslashes($_POST['input']); // Stripslahes from the html

  $result = preg_replace('/<!--(.|\s)*?-->/', '', $input_string); // Replace the opening and closing comments tags with nothing
  
}

$result = htmlentities($result); // Keep the output as html code rather than the browser interpreting the code and showing the actual page

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Strip Comments for Newsletter</title>
<style>

body {margin:10px auto; text-align:center; font-family:"Lucida Sans Unicode", "Lucida Grande", sans-serif; font-size:12px;}
fieldset {padding:30px; border:none; background-color:#CCC;}
legend {background-color:#666; padding:5px 20px;color:#FFF;}
textarea {width:100%; font-size:11px; line-height:20px; padding-left:10px;}

</style>
</head>

<body>

<div style="margin:10px 200px;">

<h1>Strip Comments</h1>

<p>This script will strip out html comments from a web page but preserve the rest of it.</p>

<p>Simply paste the html into input and click 'Strip'. You will then be presented with the stripped version.</p>

<form action="" method="post" name="input" target="_self">

<fieldset>

    <legend>Input</legend>
    
    <textarea name="input" rows="10"><? echo $input_string; // Keep the code i've just stripped ?></textarea>
            
<br />

<input name="submit" type="submit" value="Strip it baby!" />
        
</fieldset>

<br /><br /><br />

<? 

if (isset($_POST['submit']) && (!empty($result))) { echo '

<fieldset>

<legend>Output</legend>

<textarea name="output_text" rows="10" >' . $result . '</textarea>

<br />

<input type="button" value="Select All" onClick="javascript:this.form.output_text.focus();this.form.output_text.select();"> 

</fieldset>';} else {} // Return the output in a new fieldset with a button to select the code

?>

</form>

</div>

</body>

</html>

Link to comment
Share on other sites
MadTechie Regular Member

MadTechie

Posted
Posted

Security seams okay, comments in comments will fail

in fact I would use this RegEX

'/<!--.*?-->/si'

(that doesn't support comments in comments either)

for example, this will fail

<!--
test 
<!--
another comment- ->
-->
test
-->

Leaving

test

-->

 

 

I'll move this to the RegEx section if you like

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.