Page 1 of 1

what do i wanna ask?.....don't know what to call it :P

Posted: Sat Jul 13, 2002 5:58 am
by qads
ok, i got a form which takes comments in a textarea and inserts into db, no problem there.

when it is inserted i use

Code: Select all

htmlentities($val);
to replace any "", ' etc.

when it needs to be shown on a page i use

Code: Select all

stripslashes($edit1їval]);
to remove the \

that works too, my problem is that it does't show as it was mean't to be, e.g.:

Code: Select all

text
text text text text
text text text
just like this forum.

wht can i use to make sure it shows as it was posted.

also can htmlentities(); stop users from useing java script in the posts?
cos i tried with <b> and it allowed that :?

i hope you understand what i am talking about cos i don't :roll:

thanks for your hlp in adv.

Posted: Sat Jul 13, 2002 7:11 am
by PaTTeR
When your visitors fill the textarea, they use "RETURN" buton. In submitetd string you have a new line symbols.
Use function nl2br(), but before htmlspecialchars().
htmslspecialchars() convert special characters to HTML entities

Code: Select all

$variable = nl2br(htmlspecialchars($string));
Sorry, but my PHP is better than my English :wink:

Posted: Sat Jul 13, 2002 9:29 am
by qads
thanks but that does't really help me with what i want it to do.
i want to be able to stop users from useing html and java in posts, also i want to show the posts as they were mean't to be , like this forum shows like i want it to.

will that do all that?

Posted: Sun Jul 14, 2002 12:50 am
by craginweb