I am not able to figure out how to get an HTML out of a simple quoted_pritable_decode command.
Consider the following code from w3schools.
$str = "Hello=0Aworld.";
echo quoted_printable_decode($str);
The output for this code is:
Hello world.
However, when I view the source it is:
Hello
world.
Well, I am trying to figure out if there is a simpler way to get the second output. I would like to store it in my database in HTML format. I am aware of way arounds like replacing the encoded part, however, is there a recommended way here?
Edit 1:
Both the answers are perfectly fine and a precise explanation from Xavier was great. Since, I just have to mark one as correct, I mark the one which I believe is more precise.
You could use nl2br() encapsulating that when you are storing it into your table.
<?php
$str = "Hello=0Aworld.";
echo nl2br(quoted_printable_decode($str));
Change your code to:
$str = "Hello=0Aworld.";
echo "<pre>" . quoted_printable_decode($str) . "</pre>";
What you echo is being interpreted as pure HTML, and HTML doesn't honor newlines, except when you use tag. You also could do a echo str_replace('\n','<br>',quoted_printable_decode($str)); (i.e. AFTER decoding)
Related
Using a standard xampp install, and running the following code inside my index.php page, I am receiving what I believe to be odd output. I'm not certain if it is a bug or if I am just not understanding this correctly.
Having read over numerous threads created here on stack overflow regarding this, I am still not sure why I am receiving this output.
<?php echo htmlspecialchars("&"); ?>
Will output the following in the source: &
But... if I use:
<?php
echo htmlspecialchars("&");
echo "<br />"
echo htmlspecialchars("&");
?>
The following will be output to source: &<br />&
I suppose I am just confused as to why the output, when viewing the html source generated by php, is generated differently when the same statement is used a second time. I assume it has something to do with double_encoding but have tried several statements to disable and enable double encoding within the htmlspecialchars function but it always seems to output & to the last call to htmlspecialchars.
Any additional input would be greatly appreciated.
My PHP tends output html in really long, difficult to read html.
If my PHP is written as:
<?php
echo "<li>";
echo "<strong>Hello</strong>";
echo "</li>";
?>
it outputs HTML like this
<li><strong>Hello</strong></li>
which dosnt look that bad, but imagine if thats within a foreach loop which out putted variants of that, all on one line..
Is there a way to get my PHP to output as neatly composed HTML ?
There is: include the whitespace in your output (for example, add \n after each tag).
However, doing that is really an exercise in futility. If you want to view the HTML yourself, get an HTML pretty printer (or use the one included in your browser's developer tools). If it's meant for a browser, the browser doesn't care.
Use a template engine like SMARTY. This will allow you to keep all your html in completely different files than your PHP (it does compile as PHP). This will improve the readability of all of your code. You can then format the html any way you see fit.
You can use the \n to make a line break.
<?php
echo "<li>\n";
echo "<strong>Hello</strong>\n";
echo "</li>\n";
?>
But why use your time on it? Chrome details console will fix it if its because you use the html source as a debug tool.
Whether this is nice or not is subjective, but it works:
<?php
for ($i = 0; $i < 5; $i++)
{
?>
<li><strong>Hello</strong></li>
<?php
}
?>
What I'm trying to get at here is that you can go in and out of PHP mode, so if you have long strands of HTML, you can format them as such, instead of echoing everything.
I'm quite new here. I'm trying to make a blog/journal site that allows users to post their own journal. I'm still quite reluctant on making it because I am really afraid of malicious code injections.
So here's a sample code:
<?php
$test = "<b>blah</b>"; //User input from SQL
echo "$test";
?>
What will come out is just the word "blah" in bold right? What I was trying to achieve was to echo "<b>blah</b>" instead. I don't want people to put some PHP codes that can actually mess up my whole web page. Please keep in mind that the variable $test is actually a MYSQL query, so that variable will be needed as an example. I know you can do echo '$test'; but it just comes out as "$test" instead. I feel like pulling my hair out I can't figure it out yet.
The second solution I know of is the htmlspecialchars(); function, but I want the strings to display as what I typed, not the converted ones...
Is there any way I can do that?
I think the OP wants the HTML itself to be output to the page, and not have the tags stripped. To achieve this, you can run the string first through htmlentities()
$test = '<b>blah</b>';
echo htmlentities($test);
This will output:
<b>blah</b>
Which will render in the page as
<b>blah</b>
Echo don't execute PHP code from string. This is impossible and this is not security hole in your code.
You can use a template engine like Twig for exemple.
If htmlspecialchars(); is not the one you are looking for, try the header() option.
header('Content-type: text/plain');
When you are gonna give <b>Hi</b> to a browser, it will be displayed in Bold and not the text be returned. But you can try this way, outputting it inside a <textarea></textarea>.
Or the other way is to use htmlentities():
<?php
$test = "<b>blah</b>"; //User input from SQL
echo htmlentities("$test");
?>
I am developing a Facebook App in which I get some text from the Database and Display it on the Page.
The Problem is that I want to insert a line Break in the variable e-g
If I copy a Text from database and store it in a Variable..
Let say
$text="I love to walk";
I want to insert a line break after "to" how can i do that?
I had tried to store the text like this in html
"I love to <html> <br> </html> but that didn't worked..
Just suppose this is the Text ..may be next time the text is entirely Differnet having no "to" word.
Depends on if you want to create new line in code output, or in HTML
$nl = "\r\n";
$nl_html = "<br />";
That exmple you provided modify like this:
$lyrics = "I love to <br> but that didn't worked.."
To automatically add line break after some text, use preg_replace
$lyrics = preg_replace('/to /',"to<br />",$lyrics);
see http://php.net/manual/en/function.preg-replace.php
$new_str = str_replace('to', 'to <br />', $str, 1);
If you want to output the text in a html page, you need to make it
$text="I love to <br /> walk";
If you want to output it to a file you need to make it
$text="I love to\r\nwalk";
or
$text="I love to\rwalk"; depending on the OS on which you will be reading the file
Hi I was having issues with this just as you do earlier today (I am new to PHP).
The way I fixed this was as follows:
$format_text = nl2br($formatthis);
You would then refer to $format_text.
What it does is it keeps the line breaks.
However I am not quite sure what you mean with your OP, after re-reading it. I went by the topic and I answered it as best I could.
If you are having trouble let's say echoing html code then most definitely you are having trouble with escaping characters.
For instance:
echo "a href="something" /a this won't work.
echo "a href=\"something\" /a this will work, notice the .
you have two options either use preg_replace or use a variable to save the value
please see php documentation for further info
I have a string that has HTML & PHP in it, when I pull the string from the database, it is echo'd to screen, but the PHP code doesn't display. The string looks like this:
$string = 'Hello <?php echo 'World';?>';
echo $string;
Output
Hello
Source Code
Hello <?php echo 'World';?>
When I look in the source code, I can see the php line there. So what I need to do is eval() just the php segment that is in the string.
One thing to consider is that the PHP could be located anywhere in the string at any given time.
* Just to clarify, my PHP config is correct, this is a case of some PHP being dumped from the database and not rendering, because I am echo'ing a variable with the PHP code in it, it fails to run. *
Thanks again for any help I may receive.
$str = "Hello
<?php echo 'World';?>";
$matches = array();
preg_match('/<\?php (.+) \?>/x', $str, $matches);
eval($matches[1]);
This will work, but like others have and will suggest, this is a terrible idea. Your application architecture should never revolve around storing code in the database.
Most simply, if you have pages that always need to display strings, store those strings in the database, not code to produce them. Real world data is more complicated than this, but must always be properly modelled in the database.
Edit: Would need adapting with preg_replace_callback to remove the source/interpolate correctly.
You shouldn't eval the php code, just run it. It's need to be php interpreter installed, and apache+php properly configured. Then this .php file should output Hello World.
Answer to the edit:
Use preg_replace_callback to get the php part, eval it, replace the input to the output, then echo it.
But. If you should eval things come from database, i'm almost sure, it's a design error.
eval() should work fine, as long as the code is proper PHP and ends with a semicolon. How about you strip off the php tag first, then eval it.
The following example was tested and works:
<?php
$db_result = "<?php echo 'World';?>";
$stripped_code = str_replace('?>', '', str_replace('<?php', '', $db_result));
eval($stripped_code);
?>
Just make sure that whatever you retrieve from the db has been properly sanitized first, since you're essentially allowing anyone who can get content into the db, to execute code.