How can I get the raw code of a comment in ExpressionEngine (frontend)?
The thing is this: If a comment contains Code or HTML like [quote]-Tags, the ee-native {comment}-Tag renders this as <blockquote>Life is like a box of… … but how can I get the raw code like [quote]Life is like a box of…?
I'm currently working on a Quote-Feature (frontend/JavaScript) for native EE comments. Till now I've worked with jQuery.text() or .html() … but both ways you get no tag (.text()) or html-tags (.html()).
Isn't there a way to get the raw comment code (for example into a data-attribute or script-tag) to later use with JavaScript?
Edit (1): I've tried SQL — is this the only/best way to do this?
<blockquote data-raw="{exp:query sql="SELECT exp_comments.comment AS comment_raw FROM exp_comments WHERE exp_comments.comment_id = {comment_id} "}{comment_raw}{/exp:query}">
{comment}
</blockquote>
Edit (2): The SQL works fine, but if there is a " inside the raw comment code, the whole thing breaks because the browser thinks this is the closing quote of the «data-raw»-attribute :-/ Is there a Way to 'mask' all characters? (" and ' and < and > etc.)
Edit (3): I now use a <script>-Tag to insert the {comment_raw}-code, this way the characters do not disturb.
You'd probably be better off retrieving the raw comment via an ajax call rather than adding a query for every single comment on the page. You'd avoid the performance hit and wouldn't need to worry about storing large strings in data attributes. I'd probably do something like this:
Create a new 'get_comment' template containing the {exp:query} tag with WHERE comment_id = '{segment_X}'
When a user hits the reply/quote button use jQuery.get() to send a request to your get_comment template, passing in the comment_id based on a data-commentid attribute on the reply button.
Update your input's value with the .get() response.
Related
On a PHP+MySQL project, there's a string of text coming from a MySQL table that contains HTML tags but those tags never get rendered by Google Chrome or any browser I tried yet:
You can see that the HTML (p, strong) aren't getting interpreted by the browser.
So the result is:
EDIT: HTML/PHP
<div class="winery_description">
<?php echo $this->winery['description']; ?>
</div>
$this->winery being the array result of the SQL Select.
EDIT 2: I'm the dumbest man in the world, the source contains entities. So the new question is: How do I force entities to be interpreted?
Real source:
Any suggestions? Thanks!
You are probably using innerText or textContent to set the content of your div, which just replace the child nodes of the div with a single text node.
Use innerHTML instead, to have the browser parse the HTML and create the appropriate DOM nodes.
The answer provided by #Paulpro is correct.
Also note that if you are using jQuery, be sure to use the .html() method instead of .text() method:
$('#your_element').html('<h1>This works!</h1>');
$('#another_element').text('<h2>Wrong; you will see the <h2> in the output');
I've recently thrown together a basic PHP webpage that lists information pulled from an MySQL table and displays it in various sorts. I'm wanting to allow the user to add a new item to the table, edit an item in the list and delete an item in the list without refreshing the page (Ajax).
This currently goes;
To add/edit an article you click on a link which prompts the popover ajax form, and fills it's contents (if editing) by performing the function setEdit(comment) as below;
<a class="popup-button" title="<?php echo $row['comment']; ?>" onclick="setEdit('<?php if($row['comment']){ echo $row['comment']; } else { echo "Enter comment here..."; } ?>');"><?php echo $row['listitem']; ?></a>
The setEdit() comment is as follows;
function setEdit(editcomment)
{
if(editcomment){ document.getElementById('help-us-comment').value=editcomment; }
}
Which is then, after submitting the ajax form, handled by the following php code;
if(isset($_POST['comment_text']))
$comment=$_POST['comment_text'];
$sql = "INSERT INTO table SET
comment='$comment'";
Problem: I'm having constant issues trying to get the database contents through 1, 2, 3 without falling over at a new line, single or double quote. I've tried endless combinations of replacing tags, htmlspecialchars and nl2br with no half successes - where it's got to the point that it's so convoluted and encoded/decoded now that I'm assuming that there is a far simpler and obvious way that I'm missing.
The main problem happens when trying to load the data into the form, typically having either the form fall over and refuse to populate at all (typically by the a link becoming broken by the data extracted i.e. single quote or new line) or the form being populated with special characters instead of plain text to edit.
I've tried to go into as much detail as possible, but if any more is needed I'm happy to provide. Also apologies if this is an obvious fix/mistake, and I'm being an idiot.
You have two problems here: storing and displaying.
To display you should look in to htmlentities that makes it safe HTML (it does all the quotes replacing, html encoding, etc. for you) so that your string to be safe to be displayed as plain text, or as inputs' values.
To store the data, you should sanitize your queries. You could use mysqli and bind parameters, or use mysql_real_escape_string to escape your input manually.
Otherwise, say hi to Bobby Tables ;)
I have some multi line text saved in MySql database (VARCHAR 255). When i load it, and process it using standard php function "nl2br", it echoes fine (multi line). But, when i load multi line text from database, make it "nl2br" and then send it to javascript (so it gets displayed in textarea), it won't be displayed! What's wrong?
echo "<SCRIPT>FillElements('".$subject."','".$text."');</SCRIPT>";
P.S.
FillElements function:
function FillElements(Sub,Txt)
{
document.getElementById('txtSubject').value=Sub;
document.getElementById('txtMessage').value=Txt;
}
textareas don't actually store the contents in an attribute like value in the same manner as input elements. They actually store the contents in in between the <textarea> and </textarea> tags. Meaning that the contents is actually treated as CDATA in the document.
<textarea>
This is my Content
</textarea>
Produces a text area with "This is my Content" as the contents.
The implication of this is that you cannot use the code you have to alter the contents of a textarea. You have to alter the innerHTML property of the textarea. I have set up a simple example here:
http://jsfiddle.net/wFZWQ/
As an aside, since you are populating the fields using PHP on the creation of the page, why not merely fill the data in the HTML markup, this seems like a long way round to do it.
Also, since you don't appear to be using it, have you seen [jQuery][1] it abstracts alot of things out, so instead of typing document.getElementById("the_id") to get an element you can use CSS selectors and merely write $("#the_id") to get the same element. You also get a load of useful functions that make writing javascript mucxh easier.
[1]: http://jquery.com jQuery
Newline tags (<br />) don't cause actual new lines in <textarea>.
You can pass the "real" newlines (\n) to your <textarea>, though.
I created a fiddle for that.
EDIT: For the updated FillElements code:
$subject = "String\nWith\nMultiple\nLines";
printf('<script type="text/javascript">FillElements(%s)</script>',
json_encode($subject)
);
My guess is that your HTML source code looks like this:
<script>FillElements("foo","foo
bar
baz");<script>
Correct?
In JavaScript, strings cannot span multiple lines...
I have a form where a user types paragraphs into a text area and then it takes them to another page after they submit. How can I pass whatever they typed to the page after they submit? The text area might have linebreaks and if I use a query string to pass the data, it gives me an error. This is my current code to pass the field:
<?php
if(isset($_POST['form']))
{
$title = $_POST['title'];
$body = $_POST['body'];
header("SubmitForm.php?title=$title&body=$body");
?>
<html>
...html form...
It doesn't work when the text area has line breaks in it.
I would suggest installing a wysiwyg editor to make this easier for you, but i assume that would add some time for the learning curve.
The simplest tips I can give you is to set a CSS attribute for your textarea: white-space:pre so that when it gets submitted, all line breaks get sent as well.
On your server side, you would need to use the nl2br() function, so that when it gets saved on your DB or wherever you store them, all line breaks are converted to HTML breaks.
For your additional reference, I had a similar question like this last year.
You really shouldn't be putting anything that long in a query string in the first place. Look into using sessions to store data across pages instead.
(This is assuming I understood the question right)
urlencode the data in order to pass it via query string.
I am trying to format some bad html to output into a pop window. The html is stored in a field in a mysql database.
I have been performing json_encode and htmlspecialchars on the row in the php like so:
$html = htmlentities(json_encode($row2['ARTICLE_DESC']));
and calling my makewindows function, which simply takes the html as a paramter and uses it withdocument.write like so:
<p>Click for full description </p>
This works ok, as in some html code is produced, such as the following:
http://www.nomorepasting.com/getpaste.php?pasteid=22823&seen=true&wrap=on&langoverride=html4strict
pasted there because I do not know how to wrap lines in SO
The problem is that htmlspecialchars does not seem to be stripping bad html data, as no popup window is created. The error I receive with firebug is
missing ) after argument list
However the html is outside of my control.
From what I have read, I am taking the correct steps. If I am missing something out, what is it?
My full make windows function:
function makewindows(html){
child1 = window.open ("about:blank");
child1.document.write(html);
child1.document.close();
}
You shouldn't have the single quotes in the function call. It should look like this:
<p>Click for full description </p>
Then the output will look like
<p>Click for full description </p>
which is correct.
Try it the following way:
$html = htmlentities(json_encode($row2['ARTICLE_DESC']),ENT_QUOTES);
I think the single quotation marks are not escaped by default.
Nevertheless I recommend you saving the html in a JavaScript variable before opening the window.