Note: I am using Laravel 5.1. I cannot tell at the moment whether this is related to Laravel or not, it works fine on my local machine with the exact same code as is on the server. So may be server related. I've given as much information as I can think of.
I have a textarea that a user can fill in, much like the textarea on this forum. When I try to repopulate that textarea from the database for editing, multiple new lines are lost.
The database shows this:
[b]some text[/b]\r\n
A: More text\r\n
\r\n
[b]other text[/b]\r\n
A: More other text\r\n
When I put it back in a textarea input it still has new lines, but double new lines are lost:
[b]some text[/b]
A: More text
[b]other text[/b]
A: More other text
I have tried this without using the blade escape syntax (just a plain echo) with the same result.
Infact I can't tell when it is losing the whitepace at all. Here are some examples of when I can see the string having multiple whitespace and when I can't.
dd($model);
// This shows with whitespace (/r/n) in both the attributes and originals array
dd($model->column);
// This shows the multiple new lines \r\n
var_dump($model->column);
// This shows no new lines
return $model->column;
// simple return from the controller removes multiple white lines
return Response::make($model->column);
// again just outputting the plain string multiple white lines are removed
<textarea>{!! $model->column !!}</textarea>
// of course the actual problem in a blade file, no extra spaces between lines are displayed in the textarea
What's more confusing is that in vagrant the whitelines are retained just fine, only on my centos server are they lost. The code is identical which made me think it might be a mysql/php/server setting, but then dd() on the model shows the correct whitespace so it's obviously coming out of the database just fine, something is happening to the string when it's echo'd or var_dump'd (i'm not sure what dd() uses I assumed it was var_dump, perhaps not).
It does seem to be related to the database in some way though, because a form with a validation error repopulates the textarea just fine with the multiple new lines. It's only when repopulating the textarea from the database that a problem occurs.
Every result i've found trying to google this error references using nl2br, which obviously isn't helpful in this instance. I'm not trying to display the text in html, i'm trying to let a user submit a form using the textarea and then refill that textarea to let them edit the data they've submitted later on. So to be very clear, nl2br is not a solution in this instance.
A year later and this was causing a problem again, finally figured it out, it was Cloudflare's minify html setting that was causing it.
Related
I have an issue with a Wordpress premium theme and MySQL database. The value in the database box looks like this:
a:1{i:0;a:4{s:4:"name";s:9:"Trailer";s:6:"select";s:6:"iframe";s:6:"idioma";s:2:"en";s:3:"url";s:82:"https://youtube.com/sample.mp4
";}}
When I edit the YouTube link value to something else, the entire data in this box disappears on the live Wordpress page, although it is visible in the database even after refresh. I have no idea why this happens and how I can keep it from happening.
EDIT:
After i tried editing other values like post_title etc it just wont update the values at all on the live WP page.Why im doing this is because i need to add and edit mass amounts of data easily with scripts.
The string you are displaying is coming from PHP serialize. This is a way for PHP to stringify any value for later usage.
If you want to mass modify those values, your best bet is to create a PHP script that fetch the data, unserializes it, make change directly to the PHP variable it created, and serialize again to put to database.
If you want to play with the string directly, you will need to make sure you are careful.
The main reason why changing the URL of the youtube video doesn't work is because you might not be changing the string declaration too.
s:82:"https://youtube.com/sample.mp4";
This is invalid. It is split into 3 parts, using :. Type:Length:Value. So it is a string of length 82, yet you provide a 30 character string.
If you turn on NOTICE in PHP you will certainly see the errors about it.
EDIT:
After tinkering a bit on PHPFiddle.org I came up with a clean string from the one you gave, which has numerous flaws...
a:1:{i:0;a:4:{s:4:"name";s:7:"Trailer";s:6:"select";s:6:"iframe";s:6:"idioma";s:2:"en";s:3:"url";s:30:"https://youtube.com/sample.mp4";}}
Note that I changed the Length values in 2 parts, and added 2 semi-colon :
Hi I'm using a WordPress Theme which appears to be doing something weird. I'm fairly new to the PHP side of things more familiar with older ASP stuff and can't seem to wrap my head around it or find anything on it either.
I'm using a prepared statement to insert text from a textarea into the database and also to pull back the information back into the textarea. Since I'm using a prepared statement I think I'm correct in that I don't need to escape any characters etc. and can insert just as is?
The problem I'm having is when the text from the database is being displayed inside of the textarea, it's obtaining some formatting somehow. Mainly it's open and closing p tags, this doesn't happen though when I create a test page outside of the theme. I did notice that the ' and " are being escaped I guess by the prepared statement?
All I'm doing is using echo between the open and close textarea where the value goes in both situations but I'm getting different results. What I don't get is how the theme could be overwriting my value at the time I overwrite in server side code? Are there some kind of events inside of PHP that could be capturing this with a function from the theme?
Right now the only way I can figure out to work around this is to create a separate page that echo's the information for that field and if I pull it back with ajax in JQuery it looks the way it should but there is a small delay for the box to load which I don't like…
I appreciate any help I can get here ahead of time…
I have a simple html form where I am capturing three variables from the user, first is the registration number second is the date of joining and the last one is password. When I use
$regdno=$_POST["regdno"];
$doj=$_POST["doj"] ;
$password=$_POST["password"];echo $regdno;
echo $doj;
echo $password;
I am getting results printed like
113128321985/12/06myownpass
when I am using Internet explorer, firefox and opera which is correct. But when I am using Google Chrome it is showing like this
11312832 1985/12/06myownpass
Which is showing an extra blank space. Friends Why is this difference and how to rectify it?
Try using trim() in each variables
Since each browser parses and validates HTML differently. Generally speaking, if you are noticing different results in form data between browsers it is probably caused by an invalid HTML issue. Where the browser interpreted how to fix the HTML differently than the others.
Try validating your HTML code on W3: https://validator.w3.org/
It could also be caused by autocomplete data including a white-space in a previously saved value.
Lastly you should always sanitize and validate any user supplied data, no matter how trivial the information supplied is.
What's the best method for sanitizing user input with PHP?
Here is an example of the workflow a user can have on my website :
Create a task, with content: I use htmlentities to encode the content and store it in my database (yes, I've decided to store the encoded content);
The user comes back later and clicks to view the task. The thing is, the preview of the content is done in a disabled textarea.
I tried to use htmlentities_decode when printing the content in the textarea (XSS problem if the user entered bad things);
I just print the encoded text and everything is fine.
The user clicks on EDIT, this will make the textarea editable
The user clicks on SAVE.
Here is my main issue, as I didn't decode the text before I printed it, it is still encoded and when the user saves it, it is re-encoded. So, the previous content is double encoded.
So, if the first time the user enters something like:
blablabla </textarea/> yeah!
Then, it's encoded and the result is:
blablabla </textarea/> yeah!
Then, when I display it, it displays as the user previously entered it but if he saves it, the result is:
blablabla </textarea/> yeah!
And, so, if he displays it again, it is not well displayed (and it also takes more and more space in my database as the user keeps editing his task).
Well, I am sure this is a problem a lot of people have experienced but I can't find any good solution.
By the way, I am using htmlentities with ENT_QUOTES.
ahah, here is my main issue, as I didn't decode the text before I
printed it, it is still encoded and when the user save it, it is
reencoded. So, the previous content is double-encoded.
This is actually correct, you shouldn't decode the text before you print it. In fact, it must be HTML encoded when output in the HTML page. It is not still encoded when the user submits it because the browser will have already interpreted the HTML entities.
Unless... you are creating a TEXT_NODE in the DOM and assigning the encoded data to this (in the textarea)? In which case the browser will not interpret the HTML entities and you will end up resubmitting already encoded data. Assign to the innerHTML property instead, if this is the case. However, the HTML entities would be clearly visible in the form to the end user (on the first edit), before the data is submitted, which does not appear to be the case?
Hum,
I fixed my problem.
I didn't noticed but for the first entry, I was using htmlentities() and when editing, I was using the Zend escape() function.
Using only htmlentities() fixed the problem. I don't know how the escape() function of ZF works, but I won't use it in the future :p
Thanks you for answers :)
Anyway, so, I am wondering, the htmlentities_decode() function, in which situation should it be used? As I htmlentities() when I get the form and print it like that, I never use the htmlentities_decode(). Is that normal? So I am wondering what is this function used for?
Thanks again!
I've Googled this and browsed through SO and Programmers.stackexchange and not found a mention.
Background:
I'm working on a project where the users and the designer would like me to truncate the text I output to an updateable form for visual appeal. They don't want the text to be cut off by the end of the input field and want the text in the box to fit the length of the box.
Problem:
I know how to truncate the strings and I know how to get my script to ignore fields that weren't updated. What I don't know how to do is keep the data integrity from breaking down when users start updating the fields. Because the fields would no longer contain the full value, this seems like it would introduce serious flaws when I update the database.
Question:
Is there any way that I can give them what they want in terms of a truncated presentation, and then cause the full text of each input to appear if they try to edit that input... or do I just have to go back and say "What you want can't be done?" I'm open to other suggestions too. :)
I think you may be looking for the text-overflow CSS property.
If I understand correctly, you have a few challenges here. You need to display some data in the form truncated, which is relatively simple. You also need to make the data display in full if it's edited, and also substitute in full data for truncated data when the form is submitted, but avoid wiping out changes that your users have made.
You could do this with jQuery. Display the truncated data, but use .data() to store the full data. Also use .data() to store a flag on each field so you know if it has been edited or not. When a field gets focus, sub in the full data. When the form is submitted, check each field's flag to see if it's been edited. If it has, leave it alone. If the data has not been edited, remove the field contents and swap in the full length data. Then submit the form.
You'll present truncated data, allow the full data to be edited, and avoid submitting the truncated data if it's not edited.
I would consider something along the lines where you keep properties that contains the truncated string and the fulls string, and use the truncated string for display purposes. When they click into the form field, you could replace it with the full string. If there are no changes, then the value of the input would match the full string property. Along that principal, if they didn't change anything replace it, with the truncated string again.
If they have edited anything, you could then dynamically create an edited property to store the edited version of the string from the input field.
Basically at this point it would just be some simple property tests/equality checks.