using htmlentities with make_clickable function
Posted: Thu Apr 14, 2005 6:26 pm
I want to use a function that makes links clickable, along with htmlentities, so users can't paste HTML
This is what I have
then to display the message to the browser I am using
I can't get the make_clickable funtion to work.. even though I know it does work. I don't know which order to process the message in, and then which order to unprocess it in... to display to the browser.

This is what I have
Code: Select all
$name = mysql_real_escape_string(strip_tags($_COOKIE['username']));
$bold = mysql_real_escape_string($_POST['bold']);
$italic = mysql_real_escape_string($_POST['italics']);
$underline = mysql_real_escape_string($_POST['underline']);
$face = mysql_real_escape_string($_POST['face']);
$size = mysql_real_escape_string($_POST['size']);
$color = mysql_real_escape_string($_POST['color']);
$message = mysql_real_escape_string($_POST['message']);
$timeposted = time();
if($bold == "on"){
$b1 = "<B>";
$b2 = "</B>"; } ELSE {
$b1 = "";
$b2 = ""; }
if($italic == "on"){
$i1 = "<I>";
$i2 = "</I>"; } ELSE {
$i1 = "";
$i2 = ""; }
if($underline == "on"){
$u1 = "<U>";
$u2 = "</U>"; } ELSE {
$u1 = "";
$u2 = ""; }
function make_clickable($text)
{
$ret = ' ' . $text;
$ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $ret);
$ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1<a href=\"http://\\2\" target=\"_blank\">\\2</a>", $ret);
$ret = preg_replace("#(^|[\n ])([a-z0-9&\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $ret);
$ret = substr($ret, 1);
return($ret);
}
$message = mysql_real_escape_string($_POST['message']);
$message2 = "<font face=$face size=$size color=$color>$b1$i1$u1$message$u2$i2$b2</font>";
$message3 = make_clickable($message2);
$message4 = htmlentities($message3, ENT_QUOTES);
mysql_query("INSERT INTO chat (name, message, timeposted) VALUES('$name','$message4', '$timeposted')");Code: Select all
$message = stripslashes(html_entity_decode($row['message']));
$message2 = str_replace($smilies, $smiliesimg, $message);
echo $message2;