ReReplace for HTML tags
All... I'm attempting to combine a few options--and I'm realizing that it's not working out as well as I'd hoped, but for obvious reasons. Hopefully, someone will know what I'm attempting to do and guide me to the light a little bit. Users make comments to a blog--when they make those comments, they are entered into the database. When we view the comments, we have set some variables so the carriage returns are placed accordingly, by doing: When we apply those variables to the comment of the blog: #Replace(blogContent,strCRLF,strHTMLCRLF,'all')# Everything works nicely from a display perspective. In order to be safe, secure and prevent anyone from entering junk into our comments--such as unclosed HTML tags or other junk that could "break" the site, I have set the following: THEN, because I thought I was wise, I did the following: #ReReplace(commentOutput,"<[^>]*>"," ","all")# This is an attempt to strip out any HTML that anyone ELSE might but in, failing to realize that I'd just stripped out my own HTML that I wanted to place in there. I am taking a guess that I'd have to get rid of the "all" in my ReReplace, but I'm not entirely sure how that'd work nor am I sure that's the right path. Can anyone offer any insight? Thanks! Russ Unger Managing Partner blueChrome design, LLC www.bluechromedesign.com 312.593.4260 :office 877.433.8427 :pager 312.873.4033 :fax Yep, we're hosting CFMX and MySQL. Email for info. ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: ReReplace for HTML tags
Russ wrote: > > Everything works nicely from a display perspective. In order to be > safe, secure and prevent anyone from entering junk into our > comments--such as unclosed HTML tags or other junk that could "break" > the site, I have set the following: > > "#Replace(commentPost,strCRLF,strHTMLCRLF,'all')#"> > > THEN, because I thought I was wise, I did the following: > > #ReReplace(commentOutput,"<[^>]*>"," ","all")# > > This is an attempt to strip out any HTML that anyone ELSE might but in, > failing to realize that I'd just stripped out my own HTML that I wanted > to place in there. I am taking a guess that I'd have to get rid of the > "all" in my ReReplace, but I'm not entirely sure how that'd work nor am > I sure that's the right path. > > Can anyone offer any insight? Switch the order. First strip ALL HTML (it is theirs), then add your own. Jochem ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: ReReplace for HTML tags
> Switch the order. First strip ALL HTML (it is theirs), then > add your own. Gah! Thanks; I don't know why it didn't occur to me to do it that way. Extra set of eyes, indeed! Peace. ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: ReReplace for HTML tags
I don't know if it'll help in your situation, but I've done a BBML parser in CF that might solve some of your problems: http://www.depressedpress.com/DepressedPress/Content/ColdFusion/CustomTa gs/DP_ParseBBML/Index.cfm The basic idea is that users are allowed a simplified version of HTML, BBML (actually an HTML-like mark up). With it they can do most formatting (bold, lists, links, images), but nothing else (script, tables, etc). In effect it lets you offer some presentation control without risk the general layout of the site. Jim Davis > -Original Message- > From: Russ [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 05, 2003 7:41 PM > To: CF-Talk > Subject: ReReplace for HTML tags > > > All... > > I'm attempting to combine a few options--and I'm realizing > that it's not working out as well as I'd hoped, but for > obvious reasons. > > Hopefully, someone will know what I'm attempting to do and > guide me to the light a little bit. > > Users make comments to a blog--when they make those comments, > they are entered into the database. When we view the > comments, we have set some variables so the carriage returns > are placed accordingly, by doing: > > > > > When we apply those variables to the comment of the blog: > #Replace(blogContent,strCRLF,strHTMLCRLF,'all')# > > Everything works nicely from a display perspective. In order > to be safe, secure and prevent anyone from entering junk into > our comments--such as unclosed HTML tags or other junk that > could "break" the site, I have set the following: > > "#Replace(commentPost,strCRLF,strHTMLCRLF,'all')#"> > > THEN, because I thought I was wise, I did the following: > > #ReReplace(commentOutput,"<[^>]*>"," ","all")# > > This is an attempt to strip out any HTML that anyone ELSE > might but in, failing to realize that I'd just stripped out > my own HTML that I wanted to place in there. I am taking a > guess that I'd have to get rid of the "all" in my ReReplace, > but I'm not entirely sure how that'd work nor am I sure > that's the right path. > > Can anyone offer any insight? > > Thanks! > > Russ Unger > Managing Partner > blueChrome design, LLC > www.bluechromedesign.com > 312.593.4260 :office > 877.433.8427 :pager > 312.873.4033 :fax > > Yep, we're hosting CFMX and MySQL. Email for info. > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: ReReplace for HTML tags
Sounds a lot like what I was contemplating tackling next, either that or reinventing something else I've done before in .asp, but... Well, your page doesn't seem to work. > -Original Message- > From: Jim Davis [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 05, 2003 6:59 PM > To: CF-Talk > Subject: RE: ReReplace for HTML tags > > > I don't know if it'll help in your situation, but I've done a BBML > parser in CF that might solve some of your problems: > > http://www.depressedpress.com/DepressedPress/Content/ColdFusio > n/CustomTa > gs/DP_ParseBBML/Index.cfm > > The basic idea is that users are allowed a simplified version of HTML, > BBML (actually an HTML-like mark up). With it they can do most > formatting (bold, lists, links, images), but nothing else (script, > tables, etc). > > In effect it lets you offer some presentation control without risk the > general layout of the site. > > Jim Davis ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: ReReplace for HTML tags
> -Original Message- > From: Russ [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 05, 2003 8:08 PM > To: CF-Talk > Subject: RE: ReReplace for HTML tags > > > Sounds a lot like what I was contemplating tackling next, > either that or reinventing something else I've done before in > .asp, but... I still haven't actually used it for anything... It started as a weekend lark and grew. (I had planned on a BLOG system, but never got around to it.) I think it's pretty feature rich and suprisingly quick (it ain't fast, but it's peppy). It's unencrypted so feel free to dig through it. > Well, your page doesn't seem to work. It's working now at least - are you sure you got the whole URL? It's quite long, impressive and manly you know. ;^) You've got to get all the way to the "index.cfm": http://www.depressedpress.com/DepressedPress/Content/ColdFusion/CustomTa gs/DP_ParseBBML/Index.cfm If the site just isn't working for you I'd be happy to send you a copy of the tag (the full package is 100kb - but a lot of that is docs and smiley graphics). Jim Davis ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: RE: ReReplace for HTML tags
htmlEditFormat htmlEditFormat. htmlEditFormat... Am I the only person in the whole world that uses this function? - Original Message - From: Russ <[EMAIL PROTECTED]> Date: Wednesday, February 5, 2003 5:57 pm Subject: RE: ReReplace for HTML tags > > Switch the order. First strip ALL HTML (it is theirs), then > > add your own. > > Gah! > > Thanks; I don't know why it didn't occur to me to do it that way. > Extraset of eyes, indeed! > > Peace. > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: RE: ReReplace for HTML tags
HEHE :) Pablo - Original Message - From: <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Wednesday, February 05, 2003 7:01 PM Subject: Re: RE: ReReplace for HTML tags > htmlEditFormat htmlEditFormat. htmlEditFormat... > > Am I the only person in the whole world that uses this function? > > - Original Message - > From: Russ <[EMAIL PROTECTED]> > Date: Wednesday, February 5, 2003 5:57 pm > Subject: RE: ReReplace for HTML tags > > > > Switch the order. First strip ALL HTML (it is theirs), then > > > add your own. > > > > Gah! > > > > Thanks; I don't know why it didn't occur to me to do it that way. > > Extraset of eyes, indeed! > > > > Peace. > > > > > ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
