[SOLVED] Allow input of html to database

[SirChick]

I was wondering.. say a user wants to bold something in a forum:

 

Some have:

[b]Test[/b]

 

then html uses:

<b>Test</b>

 

Now how do you make it so user input "allows"

[b][/b] 

etc and also means when the text is echo'd it will be

[b]bold[/b]

?

 

Is it all done in html or is php involved too ? Will string escape function disallow it or does it allow it?

[papaface]

<strong>text</strong>

 

Not sure what you mean ???

[SirChick]

LOL my bad i put bold tags around it and forgot the code tags so it was just making the font bold so i guess it must of made me look a bit odd.

 

Re-corrected now.

[papaface]

PHP is involved. It is bbcode. Search on google for it.

[marcus]

<?php
function bbcode_format($post)
{

$post = htmlentities($post);

$simple_search = array(
                                '/\[b\](.*?)\[\/b\]/is'
                                );

        $simple_replace = array(
                                '<strong>$1</strong>'
                                );

        // Do simple BBCode's
        $post = preg_replace ($simple_search, $simple_replace, $post);

        return $post;
}

$post = "[b]hello[/b]";
$p = bbcode_format($post);

echo $post."<br>";
echo $p."<br>";
?>

[SirChick]

 

<?php
$simple_search = array(
                                '/\[b\](.*?)\[\/b\]/is'
                                );

        $simple_replace = array(
                                '<strong>$1</strong>'
                                );
?>

 

 

Could you explain this part a bit... not sure i follow what thats doing ? Is it like a way to stop injection with bbcode ?

[marcus]

It's escaping the brackets to be correct format for regex. Then if

 

[b]text[/b]

 

is found somewheres in the variable, it will replace it with the strong HTML.

[SirChick]

Ok thankyou very much