[PHP] HTMLSpecialchars

2001-04-18 Thread Dddogbruce \(@home.com\) 

I'm having a problem with HTMLspecialchars and nl2br interfearing with
each other.  Obviously, I'm trying to stop malicous HTML/scripts from
being entered into my guestbook, but I'm also trying to add spacing.
nl2br adds , but HTMLspecialchars tells it to not show that.

Anyways, I'm sure there is a way around this.  All help is welcome, so
I'm eager for replys.  Thank you very, very much!

-Owen


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] htmlspecialchars() alias

2002-01-17 Thread Jason G. 

Hello General and Dev list,

Considering the fact that it is good practice to use htmlspecialchars() 
anytime you are outputting non-html content to the browser...

After typing the 16 characters in the htmlspecialchars() function thousands 
of times...

I was wondering if it would be feasible to create an alias for this 
function, say hsc() or something short.

Even nicer, but probably not practical would be a language extension like:
   being the same as  

It is no big deal, but for a function that is used ALL THE TIME, it would 
be nice.

Any Comments???

-Jason Garber
www.IonZoft.com
www.Univo.biz


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] htmlspecialchars Problem

2001-02-01 Thread Karl J. Stubsjoen 

When I perform thi function:
$new = htmlspecialchars("Test", ENT_QUOTES);

I get the following error:

Warning: Wrong parameter count for htmlspecialchars() in
utility/HTMLFormObjects1-1.php on line 135


Anyone know why?


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] HTMLSpecialchars

2001-04-18 Thread David Robley 

On Thu, 19 Apr 2001 14:36, [EMAIL PROTECTED] wrote:
> I'm having a problem with HTMLspecialchars and nl2br interfearing with
> each other.  Obviously, I'm trying to stop malicous HTML/scripts from
> being entered into my guestbook, but I'm also trying to add spacing.
> nl2br adds , but HTMLspecialchars tells it to not show that.
>
> Anyways, I'm sure there is a way around this.  All help is welcome, so
> I'm eager for replys.  Thank you very, very much!
>
> -Owen

Perhaps if you do the nl2br after rather than before htmlspecialchars? Or 
just use nl2br when you actually display the text, rather than trying to 
put the  in your database.

-- 
David Robley| WEBMASTER & Mail List Admin
RESEARCH CENTRE FOR INJURY STUDIES  | http://www.nisu.flinders.edu.au/
AusEinet| http://auseinet.flinders.edu.au/
Flinders University, ADELAIDE, SOUTH AUSTRALIA

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

RE: [PHP] HTMLSpecialchars

2001-04-18 Thread Jason Murray 

> I'm having a problem with HTMLspecialchars and nl2br interfearing with
> each other.  Obviously, I'm trying to stop malicous HTML/scripts from
> being entered into my guestbook, but I'm also trying to add spacing.
> nl2br adds , but HTMLspecialchars tells it to not show that.
> 
> Anyways, I'm sure there is a way around this.  All help is welcome, so
> I'm eager for replys.  Thank you very, very much!

\n"
  ." \n"
  ." \n"
  ."";

// Convert < to <, etc
$output = htmlentities($content);

// change newlines to s
$output = nl2br($output);

?>

Jason

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] HTMLSpecialchars

2001-04-18 Thread Brian Clark 

Hi Dddogbruce,

@ 1:06:08 AM on 4/19/2001, Dddogbruce (@home.com) wrote:

> I'm having a problem with HTMLspecialchars and nl2br interfearing with
> each other.  Obviously, I'm trying to stop malicous HTML/scripts from
> being entered into my guestbook, but I'm also trying to add spacing.
> nl2br adds , but HTMLspecialchars tells it to not show that.

Are you sure you wouldn't rather strip all HTML? I would do that then
implement my own special "tagged" language. A lot of developers go
with the [url]htp://www.example.com[/url] type of thing.

You can strip HTML with:



> Anyways, I'm sure there is a way around this.  All help is welcome, so
> I'm eager for replys.  Thank you very, very much!

I wouldn't store 's, or any HTML for that matter, in your database
unless there's just no other choice. If you do, you wind up having to
patch a lot of small problems -- like converting 's back to
newlines if you were to quote original posts in a , for
example. If you have 's instead of the original newline
characters, then you run it through nl2br() again, you end up with
double the breaks.


-Brian
--
 PGP is spoken here: 0xE4D0C7C8
 Please, DO NOT carbon copy me on list replies.



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] HTMLSpecialchars

2001-04-19 Thread Christian Reiniger 

On Thursday 19 April 2001 07:11, you wrote:

> > I'm having a problem with HTMLspecialchars and nl2br interfearing

> // Convert < to <, etc
> $output = htmlentities($content);

Little note on the side: htmlentities () is usually better then 
htmlspecialchars (). 
(1) It has a shorter name *g* and (2) it really takes care of *all* HTML 
specialities (e.g. umlauts)

-- 
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)

/* you are not expected to understand this */

- from the UNIX V6 kernel source

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] HTMLSpecialchars

2001-04-19 Thread Dddogbruce \(@home.com\) 

Thanks for all the advice, Brian.  If you're referring to a database as
MySQL or any other database  technology then I guess I haven't been precise
enough.  I'm really quite new into PHP and I'm just using text files for
now.  I'm slowly working my way up to MySQL, but fooling around with my
learned skills first.

Thanks!

-Owen
o-canada.org




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] htmlspecialchars() backwards?

2001-09-25 Thread Jay Paulson 

hello-

Is there a built in function that will reverse what htmlspecialchars() does
to text?
For example:

$text = " here\" and \' there";
$text = htmlspecialchars($text);

//now all the special codes are in the $text var for the html and now I want
to get
//back to the orignal string of " here\" and \' there" how do
I do that?

$text = (some function here)($text);

I hope you understand if not I'll explain more.

Thanks!
jay


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

RE: [PHP] htmlspecialchars() alias

2002-01-18 Thread Jon Haworth 

> I was wondering if it would be feasible to create
> an alias for this function, say hsc() or something
> short.

function hsc ($foo) { 
  $foo = htmlspecialchars ($foo);
  return $foo;
}

HTH
Jon


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] htmlspecialchars Problem

2001-02-01 Thread David Robley 

On Fri,  2 Feb 2001 05:58, Karl J. Stubsjoen wrote:
> When I perform thi function:
> $new = htmlspecialchars("Test", ENT_QUOTES);
>
> I get the following error:
>
> Warning: Wrong parameter count for htmlspecialchars() in
> utility/HTMLFormObjects1-1.php on line 135
>
>
> Anyone know why?

What version of PHP are you using? From TFM:

Also note that the optional second argument was added in PHP 3.0.17 and PHP 
4.0.3. 

Cheers
-- 
David Robley| WEBMASTER & Mail List Admin
RESEARCH CENTRE FOR INJURY STUDIES  | http://www.nisu.flinders.edu.au/
AusEinet| http://auseinet.flinders.edu.au/
Flinders University, ADELAIDE, SOUTH AUSTRALIA

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] htmlspecialchars() and MySQL

2001-09-12 Thread Augusto Cesar Castoldi 

Hi.

can someone explain this to me?

How can I "INSERT" with mysql_query this string:
"Tsete<> "" aspas simpes '' "aspas" enter e maior e
menor<>", but I can't do a SELECT after?, I receive
error because the mysql can't understend the (").

i'm using htmlspecialchars()...

thanks.

Augusto

___
Yahoo! GeoCities
Tenha seu lugar na Web. Construa hoje mesmo sua home page no Yahoo! GeoCities. É fácil 
e grátis!
http://br.geocities.yahoo.com/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] htmlspecialchars() backwards?

2001-09-25 Thread Philip Olson 


See :

  http://www.php.net/manual/en/function.get-html-translation-table.php

An example exists in there that does this.

Regards,
Philip Olson


On Tue, 25 Sep 2001, Jay Paulson wrote:

> hello-
> 
> Is there a built in function that will reverse what htmlspecialchars() does
> to text?
> For example:
> 
> $text = " here\" and \' there";
> $text = htmlspecialchars($text);
> 
> //now all the special codes are in the $text var for the html and now I want
> to get
> //back to the orignal string of " here\" and \' there" how do
> I do that?
> 
> $text = (some function here)($text);
> 
> I hope you understand if not I'll explain more.
> 
> Thanks!
> jay
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] htmlspecialchars() and MySQL

2001-09-12 Thread Alexander Skwar 

So sprach »Augusto Cesar Castoldi« am 2001-09-12 um 08:52:29 -0300 :
> i'm using htmlspecialchars()...

Switch to addslashes() to insert the data and stripslashes() when
fetching the data from the DB + htmlentities/htmlspecialchars to display
the values.

Alexander Skwar
-- 
How to quote:   http://learn.to/quote (german) http://quote.6x.to (english)
Homepage:   http://www.digitalprojects.com   |   http://www.iso-top.de
   iso-top.de - Die günstige Art an Linux Distributionen zu kommen
Uptime: 2 days 7 hours 31 minutes

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]