diode Posted January 17, 2007 Share Posted January 17, 2007 Hello,I had this working, and I accidentally changed some things, thinking it was a different file, and saved it, now I'm stuck. What I'm trying to do is fix my page where it is supposed to let you type your message, then when you click on 'Preview', it loads the same page, only with a table cell containing the message you just typed. The problem is, when you type something with special characters in it, such as, "I'm posting this message.", when you click on 'Preview', it will show, "I/'m posting this message."And when I go to post it after I preview it, the message list shows it as, "I/'m" and that's it. I've spent hours trying to figure it out. Here is my the code portion that deals with posting a message:[code]<?phpsession_start();$boardno=$_GET['boardno'];$topicno=$_GET['topicno'];$message = nl2br($_POST['message']);$msgpreview = $message;$sig = $_SESSION['signature'];echo "message: <br>$message<br><br>";echo "msgpreview: <br>$msgpreview<br><br>"; if ($message == '') { echo "<form action='try.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "Type your message below: <br><br>"; echo "<textarea name='message' rows=20 cols=80 wrap>\n\n---\n$sig</textarea>"; echo "<p><input type='submit' value='Preview'/> "; echo "<input type='reset' name='reset' value='Reset'>"; echo "</form>"; } else { echo "<form action='msgredir.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "$msgpreview"; echo "<input type='hidden' name='message' value='$message'/>"; echo "<input type='submit' value='Post message'/>"; echo "</form>"; echo "<form action='try.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "Type your message below: <br><br>"; echo "<textarea name='message' rows=20 cols=80 wrap>$message</textarea>"; echo "<p><input type='submit' value='Preview'/> "; echo "<input type='reset' name='reset' value='Reset'>"; echo "</form>"; }?>[/code]Obviously I cut the code down to simply things, but it does the same thing.Any way to get this looking normal?Thanks in advance :),diode Quote Link to comment Share on other sites More sharing options...
michaellunsford Posted January 17, 2007 Share Posted January 17, 2007 you can [code=php:0] echo "msgpreview: <br>".strip_tags($msgpreview)."<br><br>";[/code] Quote Link to comment Share on other sites More sharing options...
diode Posted January 17, 2007 Author Share Posted January 17, 2007 It still didn't work. It's doing the same thing. Are forms even the correct way to go about doing this? Here is my code now:[code]<?phpsession_start();$boardno=$_GET['boardno'];$topicno=$_GET['topicno'];$message = nl2br($_POST['message']);$msgpreview = $message;$sig = $_SESSION['signature'];echo "message: <br>$message<br><br>";echo "msgpreview: <br>$msgpreview<br><br>"; if ($message == '') { echo "<form action='try.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "Type your message below: <br><br>"; echo "<textarea name='message' rows=20 cols=80 wrap>\n\n---\n$sig</textarea>"; echo "<p><input type='submit' value='Preview'/> "; echo "<input type='reset' name='reset' value='Reset'>"; echo "</form>"; } else { echo "<form action='msgredir.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "msgpreview: <br>".strip_tags($msgpreview)."<br><br>"; echo "<input type='hidden' name='message' value='$message'/>"; echo "<input type='submit' value='Post message'/>"; echo "</form>"; echo "<form action='try.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "Type your message below: <br><br>"; echo "<textarea name='message' rows=20 cols=80 wrap>$message</textarea>"; echo "<p><input type='submit' value='Preview'/> "; echo "<input type='reset' name='reset' value='Reset'>"; echo "</form>"; }?>[/code]I really appreciate it,diode Quote Link to comment Share on other sites More sharing options...
michaellunsford Posted January 17, 2007 Share Posted January 17, 2007 I'm sorry -- I've got a dose of the stupids today... Think one thing, type another.stripslashes($variable); Quote Link to comment Share on other sites More sharing options...
diode Posted January 17, 2007 Author Share Posted January 17, 2007 With that, I am still getting the same thing. loldiode Quote Link to comment Share on other sites More sharing options...
michaellunsford Posted January 17, 2007 Share Posted January 17, 2007 worst case scenario you can str_replace("\\","",$variable); Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted January 17, 2007 Share Posted January 17, 2007 Since you are using single quotes to delimit the value of the message in your form, if you have a single quote in the message it will terminate the value prematurely. The backslash is an escape character only in PHP (and MySQL), what you need to do is use the function [url=http://www.php.net/htmlentities]htmlentities[/url] with [b]ENT_QUOTES[/b] as the second parameter when you put the value in the form.[code]<?php echo "<form action='msgredir.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "msgpreview: <br>".strip_tags($msgpreview)."<br><br>"; echo "<input type='hidden' name='message' value='" . htmlentities($message,ENT_QUOTES) . "'/>"; echo "<input type='submit' value='Post message'/>";?>[/code]Ken Quote Link to comment Share on other sites More sharing options...
diode Posted January 17, 2007 Author Share Posted January 17, 2007 Hey thanks, Ken. It now posts the complete message to the message list. But whenever there is a ' it still puts a slash before it.How would the pros make a message preview screen before deciding to actually post the message? lolHere is my code now:[code]<?phpsession_start();$boardno=$_GET['boardno'];$topicno=$_GET['topicno'];$message = nl2br($_POST['message']);$msgpreview = $message;$sig = $_SESSION['signature'];echo "message: <br>$message<br><br>";echo "msgpreview: <br>$msgpreview<br><br>"; if ($message == '') { echo "<form action='try.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "Type your message below: <br><br>"; echo "<textarea name='message' rows=20 cols=80 wrap>\n\n---\n$sig</textarea>"; echo "<p><input type='submit' value='Preview'/> "; echo "<input type='reset' name='reset' value='Reset'>"; echo "</form>"; } else { echo "<form action='msgredir.php?boardno=$boardno&topicno=$topicno' method='post'>";// echo "$msgpreview";// echo "msgpreview: <br>".strip_tags($msgpreview)."<br><br>"; echo "stripslashes($msgpreview)";// echo "<input type='hidden' name='message' value='$stripslashes($message)'/>"; echo "<input type='hidden' name='message' value='" . htmlentities($message,ENT_QUOTES) . "'/>"; echo "<input type='submit' value='Post message'/>"; echo "</form>"; echo "<form action='try.php?boardno=$boardno&topicno=$topicno' method='post'>"; echo "Type your message below: <br><br>"; echo "<textarea name='message' rows=20 cols=80 wrap>$message</textarea>"; echo "<p><input type='submit' value='Preview'/> "; echo "<input type='reset' name='reset' value='Reset'>"; echo "</form>"; }?>[/code]Thanks :),diode Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted January 17, 2007 Share Posted January 17, 2007 You should always use the stripslashes() function on the incoming text. Only use the nl2br() function when you're displaying the text.[code]<?php$message = stripslashes($_POST['message']);$msgpreview = $message;?>[/code][code]<?phpecho "message: <br>nl2nbr($message)<br><br>";echo "msgpreview: <br>nl2br($msgpreview)<br><br>";?>[/code]and[code]<?phpecho "<input type='hidden' name='message' value='" . nl2br(htmlentities($message,ENT_QUOTES)) . "'/>";?>[/code]Ken Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.