Hi group,
I've set up an agenda-like system where "admins" can enter upcoming
events, including a description of the event. This description can
include HTML formatting and is entered in a <textarea>.
The problem I'm facing is this: suppose an "admin" enters a description,
but one of the attributes of a HTML tag doesn't have a closing double
quote.
An example:
<div class="summarydiv>
Short admin-written summary of the event...
</div>
Now, they submit the event. The page that lists the events just picks
this description up from the database and puts it in a <ul> list. Of
course, the unmatched quote causes _all_ subsequent HTML code to be
considered part of the description, until by chance a next double quote
is encountered. You can imagine this gives horrible and unpredictable
results for the news page.
I'm thinking of a few possibilities to solve this:
* some sort of a regex check on the description, before it is submitted
to the DB
* simply counting the number of double quotes between < > delimiters,
the number should be even
* ...?
What do you experts think? Any suggestions?
Thanks in advance,
Wald