Hello Guys,
Once again i need some assistance, hope you can help.
I have a MySQL DB within the db is a table with a field which i want to hold some HTML.
The Table is called CONTENT_NEWS
Field: ARTICLE_HTML
Type: longtext
Collation: armscii8_general_ci
Attributes:
Null: No
Default: None
Extra:
When i paste the HTML into the field (im doing it through phpMyAdmin until i make a front end i get the following error:
0 row(s) affected.
Warning: #1366 Incorrect string value: '\xC2\xA360 B...' for column 'article_html' at row 1
When i then try and display it in my broswer using
<?php echo htmlspecialchars($row_news['article_html']); ?>
OR
<?php echo htmlentities($row_news['article_html']); ?>
it just shows the HTML within my webpage. If i copy and paste it into another doc it works fine so the problem looks like its not actually trying to display it as HTML. Im from an ASP background and am used to doing response.write()
Any help would be greatly appriciated
Mario
Store HTML in a MYSQL table and then deploy it to a page
Moderator: General Moderators
-
mariocirillo
- Forum Newbie
- Posts: 8
- Joined: Wed Jun 03, 2009 2:58 pm
- mrvijayakumar
- Forum Commoner
- Posts: 58
- Joined: Tue Aug 18, 2009 12:39 am
- Location: Chennai city, India
- Contact:
Re: Store HTML in a MYSQL table and then deploy it to a page
Hi,
While inserting into field (ARTICLE_HTML) in table, use addslashes(article_inHtmlFormat)
While inserting into field (ARTICLE_HTML) in table, use addslashes(article_inHtmlFormat)
Re: Store HTML in a MYSQL table and then deploy it to a page
Do not use htmlentities() or htmlspecialchars() if you want the html to be rendered by the browser. Since you aren't encoding characters into the associated character entity when saving the data, you don't need to do anything when displaying it. If you were to use htmlentities() on the data before you saved it, you would then use html_entity_decode() to revert the characters.
Please note that you really shouldn't do what you are doing unless you are aware of the risks and knowledgeable about how to prevent them. You are more than likely opening yourself up to significant security holes and it may be better to use an off the shelf CMS depending on your implementation.
Also, in regards to the previous comment, addslashes() is not the appropriate method for preparing MySQL queries. Instead, you should use mysql_real_escape_string() in addition to encapsulating integers with single quotes.
Please note that you really shouldn't do what you are doing unless you are aware of the risks and knowledgeable about how to prevent them. You are more than likely opening yourself up to significant security holes and it may be better to use an off the shelf CMS depending on your implementation.
Also, in regards to the previous comment, addslashes() is not the appropriate method for preparing MySQL queries. Instead, you should use mysql_real_escape_string() in addition to encapsulating integers with single quotes.
- lord_webby
- Forum Commoner
- Posts: 44
- Joined: Wed Aug 19, 2009 9:01 am
Re: Store HTML in a MYSQL table and then deploy it to a page
I second html_entity_decode() but, if you run into problems I've found another quick way to store html is to encrypt it and then store it.mariocirillo wrote:it just shows the HTML within my webpage.
- lord_webby
- Forum Commoner
- Posts: 44
- Joined: Wed Aug 19, 2009 9:01 am
Re: Store HTML in a MYSQL table and then deploy it to a page
and then of course you need to decrypt it when you get it back
-
mariocirillo
- Forum Newbie
- Posts: 8
- Joined: Wed Jun 03, 2009 2:58 pm
Re: Store HTML in a MYSQL table and then deploy it to a page
ive decided to use includes, in my db i just have a field for the include name and then it will import the html that way.
Would you agree this is a better way of doing it?
Would you agree this is a better way of doing it?
- lord_webby
- Forum Commoner
- Posts: 44
- Joined: Wed Aug 19, 2009 9:01 am
Re: Store HTML in a MYSQL table and then deploy it to a page
yes. but if you're doing comment forms forums etc then it's easier to store the html in a db .