Hello,
I'm creating a backend data entry form for my authors. They will be entering data in input text fields as well as memo fields.
When I output the data they have entered onto a page for the general users of the website I want parts of what my authors entered to be capitalized and some of the memo text needs to have paragraph breaks. Is this something I need to have the authors code into the form fields when they fill them out or is there a way using php to format text as it comes out to the end-user?
Formatting text
Moderator: General Moderators
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Re: Formatting text
You should be handling that stuff code side since you should be validating their inputs anyway. If what they are inputting will ever make its way to a screen you need to validate, filter, sanitize and escape going in and coming out.
- Ambush Commander
- DevNet Master
- Posts: 3698
- Joined: Mon Oct 25, 2004 9:29 pm
- Location: New Jersey, US
Re: Formatting text
Hello, can you give examples of what input and expected output should be?
Re: Formatting text
Absolutely. The input would be a <textarea> field in a form and the user might enter a block of text like so:
"The spokesman, Osler McCarthy, said he did not know how long it would take for the court to rule, or whether the court would hear oral arguments.
The decision by the appeals court, handed down on Thursday, abruptly threw the largest custody case in recent American history into turmoil."
When i retrieve this text from mysql and print it out to the page I want it to look exactly the same.
- sage
"The spokesman, Osler McCarthy, said he did not know how long it would take for the court to rule, or whether the court would hear oral arguments.
The decision by the appeals court, handed down on Thursday, abruptly threw the largest custody case in recent American history into turmoil."
When i retrieve this text from mysql and print it out to the page I want it to look exactly the same.
- sage
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Re: Formatting text
You are going to have to manipulate that information then. At worst you would use something nl2br() but there is a lot more to it than that. You need to make sure that you do not allow malicious characters to be passed to your database (and subsequently passed to your users). You should check to make sure the content they are entering does not have certain disallowed keywords (like <span style='color:red;text-decoration:blink' title='Alert a moderator!'>grilled spam</span> or P3N1S or something along those lines - not saying your users would enter that stuff, but who knows).
If it is only formatting you want and you are not concerned with the security of your database, web app or users, then start with nl2br() to manage new lines of text.
If it is only formatting you want and you are not concerned with the security of your database, web app or users, then start with nl2br() to manage new lines of text.
Re: Formatting text
that worked perfectly. as a follow up, how do i ascertain whether users are entering bad keywords and how can one stop that?
thanks again,
sage
thanks again,
sage
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Re: Formatting text
Lists. Blacklists or whitelists. But generally you would use a list.
Re: Formatting text
Great, thanks for all your help 