By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,722 Members | 1,874 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,722 IT Pros & Developers. It's quick & easy.

Forms

P: n/a
I have a problem with an HTML form. I have a form which I want to be able to
type basic HTML code into it. When the submit button is selected the data is
then previewed and added back into the text box again. Unfortunately all of
the " charachters are escaped (I think that is the correct term) ie they
have a leading \ added. This is causing me huge problems. I don't understand
why that is happening. Any ideas?

------------------CODE--------------
<?PHP
if(!isset($contents))
{
include "config.php";
mysql_connect($cfg['dbhost'], $cfg['dbuser'], $cfg['dbpasswd']);
$query = "SELECT `text` FROM `golf_contents` WHERE 1 AND `section`
LIKE '$section'";
$result = mysql_db_query($cfg['dbname'], $query);
if ($result)
{
while ($r = mysql_fetch_array($result))
{
$contents=$r["text"];
}
}
}
$output = "
<html>
<head>
<title>
Edit Text
</title>
</head>
<body>
<form method=\"POST\" action=\"edittext.php?section=$section\">
<textarea rows=\"10\" name=\"contents\" cols=\"35\">
$contents
</textarea>
<input type=\"submit\" value=\"Preview\" name=\"B1\">
<input type=\"reset\" value=\"Reset\" name=\"B2\">
</form>
<BR>Preview...<BR>
$contents
</body>
</html>
";
echo $output;
?>
Jul 16 '05 #1
Share this Question
Share on Google+
5 Replies


P: n/a
Jamie Wright wrote:
I have a problem with an HTML form. I have a form which I want to be able to
type basic HTML code into it. When the submit button is selected the data is
then previewed and added back into the text box again. Unfortunately all of
the " charachters are escaped (I think that is the correct term) ie they
have a leading \ added. This is causing me huge problems. I don't understand
why that is happening. Any ideas?


Sounds like magic_quotes_gpc is enabled on your system. To get rid of
them, before you create your output string, do this:

$contents=htmlentities(stripslashes($_POST['contents']));

stripslashes gets rid of the escape characters addslashes would add them
if you need them for a query or something

--
Justin Koivisto - sp**@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.

Jul 16 '05 #2

P: n/a
Cheers for that Justin. It seems to have solved one problem, but cleverly
created another. Now the

echo $output;

gives the HTML as plain text (tags and all). I'm not sure why this is
because in the text box it is as standard HTML. I'm very confused.

"Justin Koivisto" <sp**@koivi.com> wrote in message
news:D7*****************@news7.onvoy.net...
Jamie Wright wrote:
I have a problem with an HTML form. I have a form which I want to be able to type basic HTML code into it. When the submit button is selected the data is then previewed and added back into the text box again. Unfortunately all of the " charachters are escaped (I think that is the correct term) ie they
have a leading \ added. This is causing me huge problems. I don't understand why that is happening. Any ideas?


Sounds like magic_quotes_gpc is enabled on your system. To get rid of
them, before you create your output string, do this:

$contents=htmlentities(stripslashes($_POST['contents']));

stripslashes gets rid of the escape characters addslashes would add them
if you need them for a query or something

--
Justin Koivisto - sp**@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.

Jul 16 '05 #3

P: n/a
Jamie Wright wrote:

"Justin Koivisto" <sp**@koivi.com> wrote in message
news:D7*****************@news7.onvoy.net...
Jamie Wright wrote:

I have a problem with an HTML form. I have a form which I want to be
able to
type basic HTML code into it. When the submit button is selected the
data is
then previewed and added back into the text box again. Unfortunately all
of
the " charachters are escaped (I think that is the correct term) ie they
have a leading \ added. This is causing me huge problems. I don't
understand
why that is happening. Any ideas?


Sounds like magic_quotes_gpc is enabled on your system. To get rid of
them, before you create your output string, do this:

$contents=htmlentities(stripslashes($_POST['contents']));

stripslashes gets rid of the escape characters addslashes would add them
if you need them for a query or something

Cheers for that Justin. It seems to have solved one problem, but cleverly
created another. Now the

echo $output;

gives the HTML as plain text (tags and all). I'm not sure why this is
because in the text box it is as standard HTML. I'm very confused.


htmlentities transforms all characters to it's HTML equivalent.
Therefore, if you type in:

afdsg asdf "with </textarea> stuff"

in the textbox, that's how it should appear again, but the code will
look like:

afdsg asdf &quot;with &lt;html&gt; stuff&quot;

You need to do that because you want to preserve any quotes that are in
the content... Otherwise it could break the textarea if a "</textarea>"
was in the content.

Try this to see what I mean:

<?PHP
if(isset($_POST['contents'])){
$form_contents=htmlentities(stripslashes($_POST['contents']));
$contents=stripslashes($_POST['contents']);
}else{
$form_contents='';
$contents='';
}
?>
<html>
<head>
<title>Edit Text</title>
</head>

<body>
<form method="POST" action="">
<textarea rows="10" name="contents" cols="35"><?php echo
$form_contents ?></textarea>
<input type="submit" value="Preview" name="B1">
<input type="reset" value="Reset" name="B2">
</form>
<?php echo $contents ?>
</body>
</html>

--
Justin Koivisto - sp**@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.

Jul 16 '05 #4

P: n/a
> Try this to see what I mean:

<?PHP
if(isset($_POST['contents'])){
$form_contents=htmlentities(stripslashes($_POST['contents']));
$contents=stripslashes($_POST['contents']);

<SNIP>

brilliant. I understand now. Thanks for your help.

Jamie
Jul 16 '05 #5

P: n/a


Jamie Wright wrote:
Cheers for that Justin. It seems to have solved one problem, but cleverly
created another. Now the

echo $output;

gives the HTML as plain text (tags and all). I'm not sure why this is
because in the text box it is as standard HTML. I'm very confused.
This is happening because you're using htmlentities(). It's converting the <
and > (as well as other characters) into the html code, ie. &lt; and &gt;. Get
rid of it, keeping stripslashes() and your html tags will work.

Shawn


"Justin Koivisto" <sp**@koivi.com> wrote in message
news:D7*****************@news7.onvoy.net...
Jamie Wright wrote:
I have a problem with an HTML form. I have a form which I want to be able to type basic HTML code into it. When the submit button is selected the data is then previewed and added back into the text box again. Unfortunately all of the " charachters are escaped (I think that is the correct term) ie they
have a leading \ added. This is causing me huge problems. I don't understand why that is happening. Any ideas?


Sounds like magic_quotes_gpc is enabled on your system. To get rid of
them, before you create your output string, do this:

$contents=htmlentities(stripslashes($_POST['contents']));

stripslashes gets rid of the escape characters addslashes would add them
if you need them for a query or something


--
Shawn Wilson
sh***@glassgiant.com
http://www.glassgiant.com
Jul 16 '05 #6

This discussion thread is closed

Replies have been disabled for this discussion.