Topic awaiting preservation: All the right saves in all the wrong places (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=26344" title="Pages that link to Topic awaiting preservation: All the right saves in all the wrong places (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: All the right saves in all the wrong places <span class="small">(Page 1 of 1)</span>\$

Alexer Bipolar (III) Inmate From: Juneau, Alaska Insane since: Jun 2004	posted 07-28-2005 20:07 I'm writing a PHP application that allows the user to post a message that will be sent to a mySQL database. Right now I'm testing the output of the message by running a "preview" example after the message is submitted. I'm seeing that apostrophes and quotation marks are having saving backslashes appended in front of them. Also, line breaks are not being registered. Here's the code I have: code: <?php if (!isset ($title)){ //The initial interface echo " <form action=\"post.php\" method=post> Title:    <input type=text name=\"title\" size=40> <br /> Name: <input type=text name=\"poster\" size=40> <br /><br />         <textarea name=\"actualpost\" rows=10 cols=50>Enter your post here. </textarea> <p /> <input type=submit name=\"preview\" value=\"Preview\"> </form> <br /> "; } elseif (isset($title)) { // prints the title and message, and includes a (currently useless) "submit" button echo " Here is a preview of what you are posting. Feel free to make any changes below. <p> <b>$title</b><br /> $actualpost </p> //The contents of $actualpost have now been modified by PHP. This is also shown in the textarea below. <form action=\"post.php\" method=post> Title:    <input type=text name=\"title\" size=40 value=\"$title\"><br /> Name: <input type=text name=\"poster\" size=40 value=\"$poster\"> <br /><br />         <textarea name=\"actualpost\" rows=10 cols=50>$actualpost</textarea> <p /> <input type=submit name=\"preview\" value=\"Preview\">    <input type=submit name=\"send\" value=\"Submit\"> </form> <br /> "; } ?> What do I need to do to figure out how to making the printed message ($actualpost) format as it has been written by the user? Thanks for your help. (Edited by Alexer on 07-28-2005 20:08)
DL-44 Maniac (V) Inmate From: under the bed Insane since: Feb 2000	posted 07-28-2005 20:46 nl2br - http://us3.php.net/manual/en/function.nl2br.php when adding the info to the DB/previewing before adding to the DB stripslahes - http://us3.php.net/manual/en/function.stripslashes.php when pulling the info back out of the DB, or if previewing before adding to the DB (Edited by DL-44 on 07-28-2005 20:48)
Alexer Bipolar (III) Inmate From: Juneau, Alaska Insane since: Jun 2004	posted 07-28-2005 22:01 Thanks, DL-44. The stripslashes function works perfectly. I'm having only a little trouble with nl2br. Because it retains /n, I find that every iteration of the message (if left untouched) would increase in whitespace. Instead, I changed $actualpost code: $actualpost = str_replace ("\n", '<br />', "$actualpost"); This only partially works, however. The first time the message is printed, it comes out perfectly. However, the second time it is previewed (and probably when it is submitted, as well, but I'm really not that far), I get the <br /> from the post, as well as new <br /> to match the text. I can't link to the page I'm working on, so I'll try to present an example: I first write a message like so: quote: This is my message It is a foobarrific mesage When I submit it, the example is printed thusly: quote: This is my message It is a foobarrific message . So far so good. However, in the textarea below, I now see this: quote: This is my message <br />It is a foobarrific message . If I hit preview again, the preview text will display: quote: This is my message. It is a foobarrific message And the textarea will display: quote: This is my message. <br /><br />It is a foobarrific message. Now, if I were the user, this would be easy to deal with. However, this is aimed at "real" users, and therefore I need to limit the maintenance that they need to keep. I hope this makes sense. I wish I could show you the actual page, but it's sitting on an intranet. Thanks for your help thus far.
Pugzly Paranoid (IV) Inmate From: 127.0.0.1 Insane since: Apr 2000	posted 07-29-2005 03:46 You're going to need to filter that out. I suspect that preg_replace would likely work, but I defer to the others on that. Also, I noticed inconsitencies with your code. You have some tags that have quoted values, and others that don't. An example: <form action=\"post.php\" method=post> notice that the action is quoted, method is not. For conformity, and XHTML compliance, they all have to be quoted.
DL-44 Maniac (V) Inmate From: under the bed Insane since: Feb 2000	posted 07-29-2005 03:47 No example required - the explanation is clear enough. Another possibility would be to wrap the message in <pre></pre> tags for the preview, and use the nl2br only when it's actually submitted to the DB
bitdamaged Maniac (V) Mad Scientist From: 100101010011 <-- right about here Insane since: Mar 2000	posted 07-29-2005 05:20 Instead of filtering you can do something like so: $cleanpost = str_replace ("\n", '<br />', "$actualpost"); Then you still have your orginal input in a variable and your "cleaned" input for submitting to your db. .:[ Never resist a perfect moment ]:.
Alexer Bipolar (III) Inmate From: Juneau, Alaska Insane since: Jun 2004	posted 07-29-2005 21:38 quote: notice that the action is quoted, method is not. For conformity, and XHTML compliance, they all have to be quoted. Thanks, I went ahead and corrected that. I hadn't realized that was a standard of XHTML compliance. quote: Another possibility would be to wrap the message in <pre></pre> tags for the preview, and use the nl2br only when it's actually submitted to the DB I ended up trying this, and it worked perfectly. I just fit <pre></pre> around the preview and voila: user-submitted magic! Thanks a ton! I had never heard of <pre> before. Thanks to everyone for your help. Your suggestions and input was appreciated. Ozone is always so helpful.

Topic awaiting preservation: All the right saves in all the wrong places (Page 1 of 1)\$

Alexer
Bipolar (III) Inmate

From: Juneau, Alaska
Insane since: Jun 2004

posted 07-28-2005 20:07

I'm writing a PHP application that allows the user to post a message that will be sent to a mySQL database. Right now I'm testing the output of the message by running a "preview" example after the message is submitted. I'm seeing that apostrophes and quotation marks are having saving backslashes appended in front of them. Also, line breaks are not being registered.

Here's the code I have:

code:

<?php
   
  if (!isset ($title)){
//The initial interface
    echo "
      <form action=\"post.php\" method=post>
         
        Title: &nbsp;&nbsp;&nbsp;<input type=text name=\"title\" size=40>
        <br />
        Name:  <input type=text name=\"poster\" size=40>
        <br /><br />
        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
        <textarea name=\"actualpost\" rows=10 cols=50>Enter your post here.
        </textarea>
        <p />
        <input type=submit name=\"preview\" value=\"Preview\">
         
      </form>
         
      <br />
         
    ";
    
  } elseif (isset($title)) {
// prints the title and message, and includes a (currently useless) "submit" button   
    echo "
      Here is a preview of what you are posting. Feel free to make any changes
      below.
      
      <p>
        <b>$title</b><br />
        $actualpost
      </p>
 //The contents of $actualpost have now been modified by PHP. This is also shown in the textarea below.   
      <form action=\"post.php\" method=post>
      
        Title: &nbsp;&nbsp;&nbsp;<input type=text name=\"title\" size=40
        value=\"$title\"><br />
        Name: <input type=text name=\"poster\" size=40 value=\"$poster\">
        <br /><br />
        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
        <textarea name=\"actualpost\" rows=10 cols=50>$actualpost</textarea>
        <p />
        <input type=submit name=\"preview\" value=\"Preview\"> &nbsp;&nbsp;
        <input type=submit name=\"send\" value=\"Submit\">
      </form>
      
      <br />
      
    ";
  }   
      
      
             
?>

What do I need to do to figure out how to making the printed message ($actualpost) format as it has been written by the user?

Thanks for your help.

(Edited by Alexer on 07-28-2005 20:08)

DL-44
Maniac (V) Inmate

From: under the bed
Insane since: Feb 2000

posted 07-28-2005 20:46

nl2br - http://us3.php.net/manual/en/function.nl2br.php
when adding the info to the DB/previewing before adding to the DB

stripslahes - http://us3.php.net/manual/en/function.stripslashes.php
when pulling the info back out of the DB, or if previewing before adding to the DB

(Edited by DL-44 on 07-28-2005 20:48)

Alexer
Bipolar (III) Inmate

From: Juneau, Alaska
Insane since: Jun 2004

posted 07-28-2005 22:01

Thanks, DL-44. The stripslashes function works perfectly.

I'm having only a little trouble with nl2br. Because it retains /n, I find that every iteration of the message (if left untouched) would increase in whitespace.

Instead, I changed $actualpost

code:

$actualpost = str_replace ("\n", '<br />', "$actualpost");

This only partially works, however. The first time the message is printed, it comes out perfectly. However, the second time it is previewed (and probably when it is submitted, as well, but I'm really not that far), I get the from the post, as well as new to match the text.

I can't link to the page I'm working on, so I'll try to present an example:

I first write a message like so:

quote:
This is my message
It is a foobarrific mesage

When I submit it, the example is printed thusly:

quote:
This is my message
It is a foobarrific message

.

So far so good. However, in the textarea below, I now see this:

quote:
This is my message
 It is a foobarrific message

.

If I hit preview again, the preview text will display:

quote:
This is my message.

It is a foobarrific message

And the textarea will display:

quote:
This is my message.
 It is a foobarrific message.

Now, if I were the user, this would be easy to deal with. However, this is aimed at "real" users, and therefore I need to limit the maintenance that they need to keep.

I hope this makes sense. I wish I could show you the actual page, but it's sitting on an intranet. Thanks for your help thus far.

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted 07-29-2005 03:46

You're going to need to filter that out. I suspect that preg_replace would likely work, but I defer to the others on that.

Also, I noticed inconsitencies with your code. You have some tags that have quoted values, and others that don't.

An example:
<form action=\"post.php\" method=post>

notice that the action is quoted, method is not. For conformity, and XHTML compliance, they all have to be quoted.

DL-44
Maniac (V) Inmate

From: under the bed
Insane since: Feb 2000

posted 07-29-2005 03:47

No example required - the explanation is clear enough.

Another possibility would be to wrap the message in <pre></pre> tags for the preview, and use the nl2br only when it's actually submitted to the DB

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted 07-29-2005 05:20

Instead of filtering you can do something like so:

$cleanpost = str_replace ("\n", ' ', "$actualpost");

Then you still have your orginal input in a variable and your "cleaned" input for submitting to your db.

.:[ Never resist a perfect moment ]:.

Alexer
Bipolar (III) Inmate

From: Juneau, Alaska
Insane since: Jun 2004

posted 07-29-2005 21:38

quote:
notice that the action is quoted, method is not. For conformity, and XHTML compliance, they all have to be quoted.

Thanks, I went ahead and corrected that. I hadn't realized that was a standard of XHTML compliance.

quote:
Another possibility would be to wrap the message in <pre></pre> tags for the preview, and use the nl2br only when it's actually submitted to the DB

I ended up trying this, and it worked perfectly. I just fit <pre></pre> around the preview and voila: user-submitted magic! Thanks a ton! I had never heard of <pre> before.

Thanks to everyone for your help. Your suggestions and input was appreciated. Ozone is always so helpful.