NerdConcepts Posted March 13, 2007 Share Posted March 13, 2007 Well I stared writing all my eregi() validation today. Everything works fine except for the textarea validate for a business description. I allow the business to have multiple l lines in their description. I can't seem to get it to work. Basically I am just validating it to make sure no one can type in javascript or other code and have the server run it. Am I being to paranoid ? If not, how in the heck do you validate line breaks? Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/ Share on other sites More sharing options...
papaface Posted March 13, 2007 Share Posted March 13, 2007 http://uk.php.net/nl2br Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206045 Share on other sites More sharing options...
NerdConcepts Posted March 13, 2007 Author Share Posted March 13, 2007 The only thing that I seem to pick up off that link is how to replace <br>'s. I am not trying to replace them, just trying to say they are alright to use in a <textarea>. I tried to figure this out again, but I'm still getting the same error. An error occurred in script 'C:\apache2triad\htdocs\acc_new\vendor_edit.php' on line 42: eregi(): REG_BADBR here is the code that I am trying to use. if (!empty($_POST['vendor_desc'])) { $vdesc = $_POST['vendor_desc']; function br2nl($vdesc) { $vdesc = str_replace("\r\n", "\n", $vdesc); // make from windows-returns, *nix-returns $vdesc = str_replace("<br />\n", "\n", $vdesc); // to retrieve it return $vdesc; } if (eregi ('^[a-z A-Z0-9_.-\/]{5,300}$', stripslashes(trim($_POST['vendor_desc'])))) { $vdesc = escape_data($_POST['vendor_desc']); } else { $vdesc = FALSE; echo '<span class="error">There was an error procressing your description.<br /></span>'; } } else { $vdesc = FALSE; echo '<span class="error">Please enter a description.<br /></span>'; } Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206418 Share on other sites More sharing options...
papaface Posted March 13, 2007 Share Posted March 13, 2007 All you have to do is put: nl2br($_POST['textarea']); and then do what you want with it. It will keep the new lines. Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206422 Share on other sites More sharing options...
NerdConcepts Posted March 13, 2007 Author Share Posted March 13, 2007 I am still not sure where I should do that. The only way I've used nl2br is for displaying the description. So that the lines parse out when the page is loaded. But that is about it. If you could be a little more descriptive about where to use it, it would probably make since to me then. Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206435 Share on other sites More sharing options...
wildteen88 Posted March 13, 2007 Share Posted March 13, 2007 by validate are you checking to see if newline characters are in the data in the textarea and not convert the newlines to html linebreaks in the textarea? if that is the case then add '\s' (minus the quotes) to your eregi expressions. Note \s matches all whitespace characters \r, \n, spaces, tabs Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206448 Share on other sites More sharing options...
NerdConcepts Posted March 13, 2007 Author Share Posted March 13, 2007 I am trying to make sure that there are no invalid characters within the description. I don't need to convert anything. Right now I just check to see if it's empty or not. That won't work though, I don't want people to be able to insert PHP, Javascript etc into the description box and mess up my site. This isn't to hard to do because at this point it just inserts anything into the database that you type in there. if you start a new line it stores the multiple lines into the database and when I display them I have the code (only <br> at this point) parsed so that it displays just as they type it in. Example: ------------------- Description Test... Multiple Lines... ---------------- That right there would look just like that in the database and when it is displayed on the site when the end user goes to the business' page. That is why I was just trying to use eregi() to make sure there isn't any weird code in the description. But it also won't allow me to use line breaks neither. Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206643 Share on other sites More sharing options...
NerdConcepts Posted March 14, 2007 Author Share Posted March 14, 2007 No buddy has any idea what I am talking about? To make it more simple I guess, what i am trying to just do is make sure that there is no javascript or php code, etc inside the textarea when it is submitted. Anyway to do this? Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206816 Share on other sites More sharing options...
jwcsk8r Posted March 14, 2007 Share Posted March 14, 2007 this works for me.... <?php function html2txt($document){ $search = array('@<script[^>]*?>.*?</script>@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags '@<style[^>]*?>.*?</style>@siU', // Strip style tags properly '@<![\s\S]*?--[ \t\n\r]*>@', // Strip multi-line comments including CDATA ); $text = preg_replace($search, '', $document); return $text; } ?> and then use this.... $vdesc = html2txt($_POST[vendor_desc]); Quote Link to comment https://forums.phpfreaks.com/topic/42467-validating-line-breaks-in-a-textarea/#findComment-206820 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.