Jump to content

how to show code(without it executing) like this website does


Recommended Posts

im making a "code snippets" thing where i have to show the code. i really dont want to mess up and have it execute and delete my site and stuff so what makes it show code i alreayd tried the pre and textarea tags to no avail. so what is it that makes the codes not execute.. like all codes.. php html css whatever

When echoing something, PHP will never be executed (unless you use eval, but that would just be silly!). To avoid XSS problems with HTML and CSS, just use the htmlentities or htmlspecialchars functions on any input you don't trust (hopefully all input).

 

Edit: Grammar!

You have to convert the css and html to html entities,

 

For example view the source of this page where I type this  <HTML>

You can see its actually  <html>

 

With PHP you take the input and put it threw  htmlentities()

, the hard part however is figuring what part is meant to be html, if assuming your post is also meant to have real html since your posting as a admin to the site, (like on wordpress you can put html in the post, becuase you woun't XSS your own website right?)

for that you would have put tags around it.  Thats where tags like [CODE][/CODE]

Can come in handy.

 

You then would preg_match the part where you have the tags like

 

$input = preg_replace_callback('#([code](.*)[//CODE])#si','code_tags',$input);

function code_tags($input){

    $input = htmlentities($input[0]);
   return $input;

}

 

That would just "do whatever" to that bit of input and then return back into the place it orgitated with preg_replace_callback.

 

Of course next things start getting really annoying when you want return back the input to the wysiwg editor, becuase then you wil have unecode that bit again. Well it gets complicated. I've treid making my own CMS with a backend using CKeditor (some people use tinymce) and had to go threw it all.

i still dont understand. i dont want to make a wysig editor thing yet im trying to make my own webpage by myself that shows some codes like mainly php codes and some css html probably but mainly php codes. it has to show all the code so people can use the code and not have to add things in. what i thought about htmlentities is that itt changes the code to like special characters or something ... i have to have the <?php  show and the ;'""'things to show

i still dont understand. i dont want to make a wysig editor thing yet im trying to make my own webpage by myself that shows some codes like mainly php codes and some css html probably but mainly php codes. it has to show all the code so people can use the code and not have to add things in. what i thought about htmlentities is that itt changes the code to like special characters or something ... i have to have the <?php  show and the ;'""'things to show

 

Then just take the code and put it into htmlentities, it will turn all the things like  <  and  > into  <  >

So that <?php becomes    <?php  which makes it safe, but on the page it will appear as <?php

 

You might googling "htmlentities online" to find a online tool to do it manually.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.