emopoops Posted November 22, 2009 Share Posted November 22, 2009 im making a "code snippets" thing where i have to show the code. i really dont want to mess up and have it execute and delete my site and stuff so what makes it show code i alreayd tried the pre and textarea tags to no avail. so what is it that makes the codes not execute.. like all codes.. php html css whatever Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/ Share on other sites More sharing options...
genericnumber1 Posted November 22, 2009 Share Posted November 22, 2009 When echoing something, PHP will never be executed (unless you use eval, but that would just be silly!). To avoid XSS problems with HTML and CSS, just use the htmlentities or htmlspecialchars functions on any input you don't trust (hopefully all input). Edit: Grammar! Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/#findComment-962978 Share on other sites More sharing options...
emopoops Posted November 22, 2009 Author Share Posted November 22, 2009 i dont follow, when echoing something... it never executes..? it always executes. i echoed into the textarea and the pre and no code came up. i dont get how to MAKE CODE SHOW UP AND NOT WORK. Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/#findComment-962983 Share on other sites More sharing options...
keldorn Posted November 22, 2009 Share Posted November 22, 2009 You have to convert the css and html to html entities, For example view the source of this page where I type this <HTML> You can see its actually <html> With PHP you take the input and put it threw htmlentities() , the hard part however is figuring what part is meant to be html, if assuming your post is also meant to have real html since your posting as a admin to the site, (like on wordpress you can put html in the post, becuase you woun't XSS your own website right?) for that you would have put tags around it. Thats where tags like [CODE][/CODE] Can come in handy. You then would preg_match the part where you have the tags like $input = preg_replace_callback('#([code](.*)[//CODE])#si','code_tags',$input); function code_tags($input){ $input = htmlentities($input[0]); return $input; } That would just "do whatever" to that bit of input and then return back into the place it orgitated with preg_replace_callback. Of course next things start getting really annoying when you want return back the input to the wysiwg editor, becuase then you wil have unecode that bit again. Well it gets complicated. I've treid making my own CMS with a backend using CKeditor (some people use tinymce) and had to go threw it all. Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/#findComment-962987 Share on other sites More sharing options...
PFMaBiSmAd Posted November 22, 2009 Share Posted November 22, 2009 Or see this link for a php built-in function that will also highlight the code - highlight_string Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/#findComment-962988 Share on other sites More sharing options...
emopoops Posted November 22, 2009 Author Share Posted November 22, 2009 i still dont understand. i dont want to make a wysig editor thing yet im trying to make my own webpage by myself that shows some codes like mainly php codes and some css html probably but mainly php codes. it has to show all the code so people can use the code and not have to add things in. what i thought about htmlentities is that itt changes the code to like special characters or something ... i have to have the <?php show and the ;'""'things to show Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/#findComment-962993 Share on other sites More sharing options...
keldorn Posted November 22, 2009 Share Posted November 22, 2009 i still dont understand. i dont want to make a wysig editor thing yet im trying to make my own webpage by myself that shows some codes like mainly php codes and some css html probably but mainly php codes. it has to show all the code so people can use the code and not have to add things in. what i thought about htmlentities is that itt changes the code to like special characters or something ... i have to have the <?php show and the ;'""'things to show Then just take the code and put it into htmlentities, it will turn all the things like < and > into < > So that <?php becomes <?php which makes it safe, but on the page it will appear as <?php You might googling "htmlentities online" to find a online tool to do it manually. Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/#findComment-962998 Share on other sites More sharing options...
emopoops Posted November 22, 2009 Author Share Posted November 22, 2009 wow i think this highlighting function is awesome is there a way to style the text tho? i hate green Quote Link to comment https://forums.phpfreaks.com/topic/182469-how-to-show-codewithout-it-executing-like-this-website-does/#findComment-962999 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.