Page 1 of 1

$business = safeHTML($_POST["business"]); What is

Posted: Mon Jul 26, 2004 6:32 am
by supaseeds
I think the problems in this line:
$business = safeHTML($_POST["business"]);

safeHTML??? Is this likely to be affecting the text submitted?



I've got a variable $f[business] which is retrieved from a MYSQL database. The field is set to 'TEXT' and contains text in HTML format so its got <b> <p> etc...
Unfortunetly it reads the text as is and just prints all the HTML commands on the page ignoring it as actual code - How do I get it to read the HTML code??

Thanks in advance...[/b]

Posted: Mon Jul 26, 2004 7:06 am
by supaseeds
OK, im one step closer with

Code: Select all

echo html_entity_decode($f&#1111;business]);
but it wont read <br> or <P> etc only <B>

Posted: Mon Jul 26, 2004 7:47 am
by Weirdan
[php_man]htmlspecialchars[/php_man] ?

Posted: Mon Jul 26, 2004 8:04 am
by supaseeds
Thanks for the help but with
PHPSPECIALCHARS I get:

TEST<B>TEST</B>

printed on screen. In the MYSQL database it stores the data in the same manor, but I've noticed its simply not storing <BR> in the database at all....


I think the problems in this line:
$business = safeHTML($_POST["business"]);

safeHTML??? Is this likely to be affecting the text submitted?

Posted: Mon Jul 26, 2004 10:50 am
by feyd
how about:

Code: Select all

$business = nl2br(htmlentities($_POST['business'],ENT_QUOTES));

Posted: Mon Jul 26, 2004 10:51 am
by d_d
supaseeds wrote: I think the problems in this line:
$business = safeHTML($_POST["business"]);

safeHTML??? Is this likely to be affecting the text submitted?
Proberly, otherwise why send the submitted text through the safeHTML function?

I think safeHTML is a user function, find it and see what it does. It is proberly stoping all html from working which is proberly what you want. Then all you will need to do is replace all line breaks with <br> with either with nl2br() or str_replace().