grinel Posted April 20, 2006 Share Posted April 20, 2006 Hey GuysI have a website where people are allowed to enter html code. its works fine with regular html, but some people are copying stuff from MSword and pasting it into my program.When i echo the field from the database, it gets a parse error because there are codes in the html such as <?, ; and stuff like that, that relates to php.Is there a way i can parse these html code before i echo it from PHP?Thanks in advance Quote Link to comment Share on other sites More sharing options...
ToonMariner Posted April 20, 2006 Share Posted April 20, 2006 Indeed - you need to use a preg_replace on the submitted html to remove bits that it doesn't like - using strip tags would stop the php but also the html....try something like...[code]<?php$lookfor = array('/(<\?)(?!>)*/','/microsoft/')$replace = array('','midocresoft');$string = preg_replace($lookfor,$replace, $_POST['string']);?>[/code]The ordering of the elements in the array ARE important $lookfor[2] will be replaced by $replace[2]... Quote Link to comment Share on other sites More sharing options...
grinel Posted April 20, 2006 Author Share Posted April 20, 2006 Thanks for the replybut the horses are out the gate, meaning i have about 3,000 users who have enterered html code. some are funky others are not. i can do this for the new entries..I am planning to remove allowing html entry.. what can i do to the already entered html code?is there a way to display the output of the html code in a text box when the user edit his post and then i can save the text version when they submit. Quote Link to comment Share on other sites More sharing options...
Ninjakreborn Posted April 20, 2006 Share Posted April 20, 2006 it might help to look at [a href=\"http://simon.incutio.com/archive/2003/10/19/htmlifying\" target=\"_blank\"]http://simon.incutio.com/archive/2003/10/19/htmlifying[/a]let me know if it helps/. Quote Link to comment Share on other sites More sharing options...
grinel Posted April 20, 2006 Author Share Posted April 20, 2006 Thanks for your reply.I tried that, but now it displays the raw html code instead of the output Quote Link to comment Share on other sites More sharing options...
Ninjakreborn Posted April 20, 2006 Share Posted April 20, 2006 You can try this.Just in and out of phpfor instance<?phpfunctions and other stuff?>then you can enter your html here<?phpthen php?>this will allow your html to come through without having errors for the php information, and if you are talking about people are trying to input php like that, you would have to create a bigger program to allow people to put in there own php for output, like a mini-browser or something, what "exactly are you having a problem with, or refering too.ALso give me a url for the website, somethign I can look at, and point me to the pages you are having the trouble and also show me to some of your source code, remember I can't see the php in view source so I need to look at that as well, but don't take long, I have to get back to studying soon.also look at this here, and see if it is of any help with this specific problem[a href=\"http://www.michelf.com/projects/php-markdown/\" target=\"_blank\"]http://www.michelf.com/projects/php-markdown/[/a] Quote Link to comment Share on other sites More sharing options...
ToonMariner Posted April 20, 2006 Share Posted April 20, 2006 You can do this on the page that displays their posts rather than on the actual script that enters the html into the database.This would allow you to filter the posts retrospectively - also you could set a cronjob up that will just loop through all the posts and do this for you so you have all the 'old' post corrected.The last suggestions of doing the retorspective updates means you could then just have the script entering posts into the database performing this job - much more efficient. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.