Encode entities except XHTML code?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
JAB Creations
DevNet Resident
Posts: 2341
Joined: Thu Jan 13, 2005 6:44 pm
Location: Sarasota Florida
Contact:

Encode entities except XHTML code?

Post by JAB Creations »

I have an interesting dilemma: I'd like to allow XHTML code (such as abbr elements) that are pulled from the database to not be encoded (so they end up as XHTML output and not encoded entities) while PHP does encode all other entities (mainly ampersands). By default htmlspecialchars and htmlentities are close but no cigar, thoughts please?
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Encode entities except XHTML code?

Post by requinix »

Allow all tags?

Code: Select all

$table = get_html_translation_table(); // find the replacements done by htmlentities
unset($table["<"]); unset($table[">"]); // remove < and >
 
$new = strtr($old, $table); // translate
Or just some?

Code: Select all

// complicated. just trust me on this
 
// only allow <abbr> <a> <b> and <i>
$parts = preg_split('/(<\/?(?:abbr|a|b|i)(?:\s[^>]+)?>)/is', $old, -1, PREG_SPLIT_DELIM_CAPTURE);
$flag = 1;
foreach ($parts as $key => $part) {
    if ($flag) $parts[$key] = htmlentities($part);
    $flag = 1 - $flag;
}
$new = implode("", $parts);
Last edited by requinix on Fri Nov 14, 2008 11:23 pm, edited 2 times in total.
User avatar
JAB Creations
DevNet Resident
Posts: 2341
Joined: Thu Jan 13, 2005 6:44 pm
Location: Sarasota Florida
Contact:

Re: Encode entities except XHTML code?

Post by JAB Creations »

That rocks! Thanks; you didn't have to go to all the trouble of doing a regex setup I appreciate it though.

I've escaped double quotes and both carrots...

Code: Select all

$table = get_html_translation_table(); // find the replacements done by htmlentities
unset($table['"']); unset($table["<"]); unset($table[">"]); // remove < and >
 
$new = strtr($row1['thread_title'], $table); // translate
 
echo '<h2 id="'.$row1['thread_url'].'"><a href="blog.php?'.$row1['thread_url'].'" tabindex="3">'.$new.'</a></h2>'."\n";
Here is an example of the output...

Code: Select all

<h2 id="lost-credibility-of-iso"><a href="blog.php?lost-credibility-of-iso" tabindex="3">Lost Credibility of <abbr title="International Standards Organization">ISO</abbr></a></h2>
Post Reply