Note, as I typed this I found the problem, read end of post if you wish to see,thank you
Sure, I enter the data into the database as so:
Code: Select all
$action = $_GET['action'];
$history = $_GET['history'];
$Submit = $_GET['Submit'];
$id = $_GET['id'];
// Add / Edit history
if ($Submit == "Add")
{
$today = date('Y-m-d');
$action="";
$query = "INSERT INTO colour_history VALUES ('', '$user_id[user_id]', '$clientid', '$today','$history')";
$Update = mysql_db_query ($dbname, $query) or die(mysql_error().': '.htmlentities($query));
}
It goes in just fine, with the <> brackets or whatever else I put in.
I then draw it to the screen in a table like so:
Code: Select all
while ($id=$row["id"])
{
$result = mysql_db_query($dbname, "SELECT * FROM colour_history WHERE client_id = $clientid ORDER BY date ASC");
$row = mysql_fetch_array($result);
$id = $row["id"];
$operator_id = $row["operator_id"];
$date = $row["date"];
$history = $row["history"];
$date = convert_date($date);
$operator_array = get_stylist_name($operator_id);
//$history = htmlentities($history, ENT_NOQUOTES);
$history = htmlspecialchars($history, ENT_NOQUOTES);
echo "<tr bgcolor=\"#d5d5d5\" onMouseOver=\"this.bgColor='#BBBBBB';\" onMouseOut=\"this.bgColor='#d5d5d5';\">";
echo "<td class=\"admin-table\">$date</td>";
echo "<td class=\"admin-table\">$operator_array[name]</td>";
echo "<td class=\"admin-table\">$history</td>";
print " <td class=\"admin-table\" width=\"10%\">";
print " <div align=\"center\">";
print " <a href=\"clients_colour_history.php?id=$id&action=edit\"><img border=\"0\" src=\"images/edit.png\" alt=\"Modify\"></a> ";
print " <a href=\"clients_colour_history.php?id=$id&action=delete\"><img border=\"0\" src=\"images/delete.png\" alt=\"Delete\"></a></div>";
print " </td>";
echo "</tr>";
$row = mysql_fetch_array($result);
}
That works a treat, it's all there, on screen in the table. With the <> etc.
I then, after clicking the edit.png next to the data, go to draw it into the form to edit like so:
Code: Select all
{
// Show selected history
$Show = mysql_db_query($dbname, "SELECT * FROM colour_history WHERE id='$id'");
$ShowRow = mysql_fetch_array($Show);
$ShowDate = strip_tags($ShowRow["date"]);
$ShowHistory = strip_tags($ShowRow["history"]);
$ShowClient_id = strip_tags($ShowRow["client_id"]);
//$ShowHistory = html_entity_decode($ShowHistory, ENT_NOQUOTES);
mysql_free_result($Show);
}
// ... then later down the file
<tr>
<td valign="top" align="center">
<?
print "Colour History<br>";
print "<textarea name=\"history\" cols=\"30\" rows=\"6\" wrap=\"VIRTUAL\">";
if ($action=="edit")
{
$ShowHistory = htmlspecialchars($ShowHistory, ENT_NOQUOTES);
print($ShowHistory);
}
print "</textarea>";
?>
</td>
</tr>
and with that I just answered my question!!!!! ARRGGGHHHH I had striptags() when I pulled the data from the database. Thanks so much and sorry to waste your time.
Such a goose!!!
Rob