Page 1 of 1

htmlentities() and html_entity_decode(), with make_clickable

Posted: Mon Aug 01, 2005 1:43 am
by s.dot
I use this code to format entries into my forums

Code: Select all

function make_clickable($text) 
	{ 

   	$ret = ' ' . $text; 
  		$ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $ret); 
   	$ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1<a href=\"http://\\2\" target=\"_blank\">\\2</a>", $ret); 
   	$ret = preg_replace("#(^|[\n ])([a-z0-9&\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $ret); 
   	$ret = substr($ret, 1); 
   	return($ret); 
	}

// array of smilies here ($smilies)
// array of replacements for smilies here ($smiliesimg)

// array of specialtext here ($specialtext)
// array of specialtext replacements here ($replacement)	

	$entry2 = mysql_real_escape_string(nl2br(make_clickable(htmlentities($entry, ENT_QUOTES))));
	$entry3 = str_replace($smilies, $smiliesimg, $entry2);
	$entry4 = str_replace($specialtext, $replacement, $entry3);
For some reason the make_clickable() function is converting the HTML it generates into htmlentities() (even though you can see in the code this shouldn't be.. (i think anyways))

Can someone tell me why?

It shoes up in the database as:

Code: Select all

&amp;lt;a href=\&amp;quot;http://www.link.com\&amp;quot; target=\&amp;quot;_blank\&amp;quot;&amp;gt;http://www.link.com&amp;lt;/a&amp;gt;
Edit: I promise I used tags. :-D.

Posted: Mon Aug 01, 2005 5:29 am
by timvw
You are making a call to htmlentities...

Code: Select all

$entry2 = mysql_real_escape_string(nl2br(make_clickable(htmlentities($entry, ENT_QUOTES))));

Posted: Mon Aug 01, 2005 7:59 am
by s.dot
yeah, I know that
but the make_clickable function is outside of that

make_clickable(htmlentities($entry,ENT_QUOTES))

so why is it still being converted?

Posted: Mon Aug 01, 2005 10:52 am
by s.dot
okay

Code: Select all

mysql_real_escape_string(make_clickable(nl2br(htmlentities($entry,ENT_QUOTES))));
does not convert the hyperlink to htmlentities (which is what I want)

but

Code: Select all

mysql_real_escape_string(nl2br(make_clickable(htmlentities($entry,ENT_QUOTES))));
does convert the hyperlink to entities..

is that a bit strange considering they're both outside of the htmlentities function?