Hi all,
Please could someone help me with this situation?
Ok here's my problem, Im using a text editor called Fckeditor and using this to store the page information in a mysql database which im later calling it the main pages. The editor seems to work fine and is storing the information in the table.
The information it stores is stored as followed
<p align=\"center\"><br /><font color=\"#ff0000\"><font face=\"Arial\" size=\"4\"><strong>appears to have forgiven the Frenchman.<br /><br /><br /></strong></font></font></p>
I believe this is so it can be inserted into a php section but im not really sure.
When it gets echoed into the page it displays as above so none of the styles work.
Can anyone please shed some light onto this for me please?
Newbie needs some help
Moderator: General Moderators
-
jonnyw6969
- Forum Newbie
- Posts: 5
- Joined: Sat Aug 12, 2006 9:31 am
feyd | Please use
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]Code: Select all
<?
include("config.php");
$sql_page=mysql_query("SELECT * FROM `cms_page` where page_name='home'");
$res_page=mysql_fetch_array($sql_page);
$des = $res_page['description'];
?>
<html>
<head>
<title>ExchangeMyLink.com | Customer Center</title>
<link href="style/take.css" rel="stylesheet" type="text/css">
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="center" valign="top">
<table width="1004" border="0" cellspacing="0" cellpadding="0">
<? include("header.php");?>
<tr>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<?
if($_SESSION['full_name']!="")
{
include("leftpanel_login.php");
}
else
{
include("leftpanel.php");
}
?>
<td align="center" valign="top">
<form action="" method="post" name="form">
<input type="hidden" name="userid" value="<?=$userid?>">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td> </td>
</tr>
<tr>
<td><?php echo $des; ?></td>
</tr>
</table>
</form>
</td>
<td width="190" valign="top" bgcolor="#3B94D3">
<? include("rightpanel.php")?>
</td>
</tr>
</table></td>
</tr>
<tr>
<? include("footer.php");?>
</tr>
</table></td>
</tr>
</table>
</body>
</html>feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]-
jonnyw6969
- Forum Newbie
- Posts: 5
- Joined: Sat Aug 12, 2006 9:31 am
Ok, hope this is what you mean?
Code: Select all
<?php
ob_start();
session_start();
$admin_name=$_SESSION['admin_name'];
if($admin_name=="")
{
header("location:index.php");
}
include('auth_session.php');
include"config.php";
include('functions.inc.php');
include("FCKeditor/fckeditor.php");
$class_path = "class/";
require_once($class_path."class.rich.php");
@extract($_POST);
if(isset($_POST['submit']))
{
$pagename=$_POST['pagename'];
$rich_one=addslashes($_POST['FCKeditor1']);
//$rich_one=$_POST['rich_one'];
$sql11=mysql_query("SELECT * FROM `cms_page` where page_name='$pagename'");
$res11=mysql_num_rows($sql11);
if($res11==0)
{
$insert=mysql_query("INSERT INTO `cms_page` ( `pageid` , `page_name` , `description` ) VALUES ('', '$pagename', '$rich_one')");
header("location:add_page.php?page=$pagename");
}
else
{
mysql_query("UPDATE `cms_page` SET `description`='$rich_one' where `page_name`='$pagename'");
header("location:add_page.php?page=$pagename");
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>NoCreditCheckProperties.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
a:link, a:visited, a:active {text-decoration:none; Color: '#004750';}
a:hover {text-decoration:underline; color:#004750;}
-->
</style>
<link rel="StyleSheet" type="text/css" href="<?php echo $class_path; ?>rich_files/rich.css">
<script language="JScript.Encode" src="<?php echo $class_path; ?>rich_files/rich.js"></script>
<link href="style/take.css" rel="stylesheet" type="text/css">
<script language="JavaScript" src="admin/js_function.js"></script>
<script language="JavaScript">
function Changelink()
{
if(document.form1.pagename.value!="")
{
var p=document.form1.pagename.value;
window.location="add_page.php?page="+p;
}
}
</script>
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td width="0" valign="top" class="bgleftmedical"><? include("leftpanel.php");?></td>
<td valign="top"><BR>
<table width="95%" border="2" cellspacing="0" cellpadding="0" align="center" bordercolor="#E0ECF0">
<tr bgcolor="#E0ECF0"><td colspan="2" align="center"><img src="../../../exchangemylink.com/Code/images/midbullet.gif" width="10" height="9"> <span class="txtfields"><B>Add Page</B></span></td></tr>
<tr>
<td>
<form method="POST" name="form1" action="" onsubmit="save_in_textarea_all();">
<table border="0" cellpadding="3" cellspacing="1" width="95%" align="center">
<tr>
<td width="20%" class="txtfields"><B>Choose Page Name:</B></td>
<td width="80%">
<?
$pagename=$_GET['page'];
?>
<select name="pagename" onChange="Changelink()" class="fields">
<option value="">Select</option>
<option value="home" <? if($pagename=='home') echo "selected";?>>Home Page</option>
</select>
</td>
</tr>
<tr>
<td height="27" colspan="2" class="txtfields"><b>Description:</b></td>
</tr>
<?
$pagename=$_GET['page'];
$sql22=mysql_query("SELECT * FROM `cms_page` where page_name='$pagename'");
$row=mysql_fetch_array($sql22);
?>
<tr>
<td colspan="2" height="27" class="txtfields">
<?php //$val_one=$row['description']; $ed_1 = new rich('', 'rich_one',"$val_one", "90%", 400, "/","images/");$ed_1->draw();?>
<?php
$content2=stripslashes($row['description']);
$oFCKeditor = new FCKeditor('FCKeditor1') ;
//$oFCKeditor->BasePath = '/home/vsworx/Projects/Current/AuctionSellersResource.com/Code/admin/FCKeditor/';
//$oFCKeditor->BasePath = '/home/jona7419/public_html/admin/FCKeditor/';
$oFCKeditor->BasePath = 'http://www.corfecastlefc.co.uk/admin/FCKeditor/';
$oFCKeditor->Value = $content2;
$oFCKeditor->Create() ;
?>
</td>
</tr>
<tr>
<td height="27" colspan="2" align="center"><input type="submit" name="submit" value="Submit" class="fields1"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</td>
</tr>
</table><br><br><br><br><br><br><br><br><br><BR>
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td valign="top" align="right" colspan="2"><?php include('header.php');?></td>
</tr>
</table>
</body>
</html>- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
I'm going to guess that your host has magic_quotes_gpc on. Adding some logic to remove the slashes automatically added by php will resolve part of the problem. Then you need to property escape each of the variables being inserted (or updated) to be, overall, safe for the database. We recommend mysql_real_escape_string().
Run the following in a new file and tell us the results please.
Run the following in a new file and tell us the results please.
Code: Select all
<?php
$neg = array('off', 0, false, '', null);
$flags = array(
'Register Globals' => 'register_globals',
'Short Tags' => 'short_open_tag',
'Display Errors' => 'display_errors',
'Magic Quotes GPC' => 'magic_quotes_gpc',
'Magic Quotes Runtime' => 'magic_quotes_runtime',
'Magic Quotes Sybase' => 'magic_quotes_sybase',
);
$ve = phpversion();
$os = PHP_OS;
$er = intval(error_reporting());
foreach ($flags as $n => $v)
{
$flags[$n] = (in_array(strtolower(ini_get($v)), $neg) ? 'Off' : 'On');
}
$cli = (php_sapi_name() == 'cli');
$eol = "\n";
$gle = get_loaded_extensions();
$rows = array();
$le = '';
$wide = 4;
$j = count($gle);
$pad = $wide - $j % $wide;
$len = max(array_map('strlen', $gle));
$func = create_function('$a', 'return str_pad($a, ' . intval($len) . ');');
$gle = array_map($func, $gle);
for($i = 0; $i < $j; $i += $wide)
{
$le .= ' ' . implode(' ', array_slice($gle, $i, $wide)) . $eol;
}
$ec = array(
'E_STRICT' => 2048, 'E_ALL' => 2047, 'E_USER_NOTICE' => 1024,
'E_USER_WARNING' => 512, 'E_USER_ERROR' => 256, 'E_COMPILE_WARNING' => 128,
'E_COMPILE_ERROR' => 64, 'E_CORE_WARNING' => 32, 'E_CORE_ERROR' => 16,
'E_NOTICE' => 8, 'E_PARSE' => 4, 'E_WARNING' => 2, 'E_ERROR' => 1,
);
$e = array();
$t = $er;
foreach ($ec as $n => $v)
{
if (($t & $v) == $v)
{
$e[] = $n;
$t ^= $v;
}
}
if (ceil(count($ec) / 2) + 1 < count($e))
{
$e2 = array();
foreach ($ec as $n => $v)
{
if (!in_array($n, $e) and $n != 'E_ALL')
{
$e2[] = $n;
}
}
$er = $er . ' ((E_ALL | E_STRICT) ^ ' . implode(' ^ ', $e2) . '))';
}
else
{
$er = $er . ' (' . implode(' | ', $e) . ')';
}
if (!$cli)
{
echo '<html><head><title>quick info</title></head><body><pre>', $eol;
}
echo 'PHP Version: ', $ve, $eol;
echo 'PHP OS: ', $os, $eol;
echo 'Error Reporting: ', $er, $eol;
foreach ($flags as $n => $v)
{
echo $n, ': ', $v, $eol;
}
echo 'Loaded Extensions:', $eol, $le, $eol;
if (!$cli)
{
echo '</pre></body></html>', $eol;
}
?>