I call for example this element SEND_EXTRA_ORDER_EMAILS_TO form my database
SEND_EXTRA_ORDER_EMAILS_TO = test<test#test.com>
when I write in my php code an echo, print_r or var_dump
eg
var_dump(SEND_EXTRA_ORDER_EMAILS_TO) it write only test.
do you have an idea how to resolve this element be cause it's make to send an email
I use php 7 and mysql 7
Tk
You can use htmlspecialchars() to escape the string so your browser wont treat your string as HTML.
$code = "<h1>Hello world</h1>";
echo htmlspecialchars($code);
// Will output <h1>Hello world</h1> without rendering the HTML in the browser
try with that htmlentities(EMAIL_FROM) and works
Related
I have a problem with eval() function. Please do not comment something like "Don't use eval" or anything of this kind of thing, as this is not helpful. I have a very good reason to use eval().
Basically I am getting a value from a text field in html on my web page as input code to be executed, like so:
$code = $_POST['code'];
Then, am passing that value to eval function in the html body, like so:
eval($code);
the results are displayed like this:
<h1>test</h1>
the above is displayed string. I want this to execute the html part of it is well. Funny thing is if I try this in a different file like this:
<?php
$code = "echo '<h1><b>TEST</b></h1>';";
eval($code);
?>
I get the desired result, which is a proper processed html element h1 with "TEST" in it.
Any ideas?
Thanks in advance
$_POST['code'] apparently contains HTML entity codes, e.g.
"echo '<h1>test</h1>';"
You need to decode it before calling eval.
eval(html_entity_decode($_POST['code']));
I have a php script that does a query in my database and returns a string ( like "2" ). I print it using
print strip_tags('2');
but in the output of my browser I get :
<body><html>2</html></body>
Is there any way to prevent the tags from beiing printed? Is it maybe that the browser auto adds them?
For all those answering about strip_tags (" 2 ");
THIS IS WRONG:
I want a siple version.php
with
echo '2';
and nothing else. It prints the tags too. I don't have the tags and then try to print.
More explanation to those who try to get easy rep
my code is:
$str = '2';
print strip_tags($str);
and it prints
<html><head></head><body>2</body></html>
It is not possible. The browser creates these elements automatically, without it there would not be any text flow(means nothing of this could be made visible). You can just use this variable for any script, it won't include the HTML tags. This is only made by the browser to make it visible for you.
You can use
header("Content-Type: text/plain");
at the beginning of your script, in order to tell the browsers you're only gonna send plain text, not html. This will prevent your browser from automatically adding those html tags.
Then, check what you print (or echo). Here, the body tag should be in html tag.
Okay so I have a php script and I need to somehow view the value of one of my variables. The thing is this variable is a very long string of XML that got returned from a server. I know it has an error message in it but I need to actually see what it is saying. If I try and Print or echo the value it only displays part followed by a ... or if I use var_dump it does the same. I've even gone as far as trying to echo a javascript alert with the value but that fails because there are single and double quotes in the xml causing the alert quotes not to be recognized correctly. I just need to see the value of this variable. Any advice? Thanks.
Edit:
Actually said that wrong. Echo and print don't display the value correctly because the tags are in <> brackets so it is recognizing as an html tag.
You can use htmlentities to output the XML string so that you can get a plaintext view of it in a browser.
<?php echo htmlentities( $xml_string); ?>
Alternatively, you can parse the XML string to reveal the error message, but this may be more complicated than what you need.
Try echo htmlentities($var, ENT_COMPAT, 'UTF-8')
i always use this:
echo "<pre>". htmlentities($s) . "</pre>";
Try this:
echo '<pre>'.$xml_string.'</pre>';
See also:
CDATA - (Unparsed) Character Data
i usaly use:
echo nl2br(str_replace('<', '<', $xml));
as its only the < that are a problem
You could just save the XML string to a file. If it's well-formed XML, you can view it with every browser (and expand/collapse nodes ^^).
Very simply, i want to make a variable reads the html code as string ,, i mean dont execute it (run it) .
the problem with the code is : i have a html file , and i want to get the content of it , and make some preg_replace for it (run a function on the html code), the problem is i cant use preg_replace, or any another function because the html code is executed by php (php reads the html code)..
i wish you understand me, i want something like highlight_string, but it save the html code in the variable.
Thank you.
you're probably trying to include or require the HTML code.
which is incorrect since it is evaluated as part of the source.
instead, use a function such as file_get_contents() to read the file into a string.
Use file_get_contents() as #David Chan suggested and then pass the result through htmlentities()... it converts the characters to HTML entities (i.e., < to <).
$getTheContent = file_get_contents($filepath);
echo htmlentities($getTheContent);
It should return the code, not executed.
I am trying to format some bad html to output into a pop window. The html is stored in a field in a mysql database.
I have been performing json_encode and htmlspecialchars on the row in the php like so:
$html = htmlentities(json_encode($row2['ARTICLE_DESC']));
and calling my makewindows function, which simply takes the html as a paramter and uses it withdocument.write like so:
<p>Click for full description </p>
This works ok, as in some html code is produced, such as the following:
http://www.nomorepasting.com/getpaste.php?pasteid=22823&seen=true&wrap=on&langoverride=html4strict
pasted there because I do not know how to wrap lines in SO
The problem is that htmlspecialchars does not seem to be stripping bad html data, as no popup window is created. The error I receive with firebug is
missing ) after argument list
However the html is outside of my control.
From what I have read, I am taking the correct steps. If I am missing something out, what is it?
My full make windows function:
function makewindows(html){
child1 = window.open ("about:blank");
child1.document.write(html);
child1.document.close();
}
You shouldn't have the single quotes in the function call. It should look like this:
<p>Click for full description </p>
Then the output will look like
<p>Click for full description </p>
which is correct.
Try it the following way:
$html = htmlentities(json_encode($row2['ARTICLE_DESC']),ENT_QUOTES);
I think the single quotation marks are not escaped by default.
Nevertheless I recommend you saving the html in a JavaScript variable before opening the window.