I am posting this content in the Editor.
> <div class="faq"><ul><li><span class="q">What is a teest?</span>
> <span class="a">A test.</span><div class="spacer"></div></li> </ul></div>
It is saving in the following format.
<p><div class=\\\"faq\\\"><ul><li><span class=\\\"q\\\">What is a teest?</span> <br /><span class=\\\"a\\\">A test.</span><div class=\\\"spacer\\\"></div></li> </ul></div></p>
So the output is not showing perfectly. I have added stripslashes and addslashes. Even it doesn't work.
What is the best way to resolve this issue?
Thanks in advance...
That's ugly..
You need stripslashes() twice, strip_tags() and htmlspecialchars_decode(), if you want working HTML code.
$html = '<p><div class=\\\"faq\\\"><ul><li><span> ...';
$html = htmlspecialchars_decode(strip_tags(stripslashes(stripslashes( $html ))));
echo $html;
This will print:
<div class="faq"><ul><li><span class="q">What is a teest?</span> ...
Related
Please help tried all ways nothing worked. I am inserting some code to MySQL DB using PHP 7 and after insert the code which is all fine; thus:
Eg:
<p>Hello:<b>Amber</b>\r\n<div>\r\n<hr>\r\n\r\n<button onclick=\"insertTextAtCursor()\">Lisa sisend</button>
When I call the record set using PHP in the HTML this is NOT showing anything since the HTML codes are hidden.
My Need is to show the HTML code in Plain text BUT "without \r\n shown Line Breaks" - formatted; thus:
Eg:
<p>Hello:<b>Amber</b>
<div>
<hr>
<button onclick=\"insertTextAtCursor()\">Lisa sisend</button>
Pure css and javascrpt code's are shown nicely with this PHP lines but NOT the HTML:
$author_code1 = null;
$author_code1 = $row["author_code1"];
$author_code1 = str_replace('\r\n', '<br />', $row['author_code1']);
echo $author_code1;
Got closer to it adding thus:
<?php
echo "<xmp>";
echo str_replace("\r\n", "<br/>", $author_code1);
echo "</xmp>";
?>
This shows all in one line:
</html>\r\n </textarea>\r\n</div>\r\n </div>\r\n</section>\r\n<button>Lisa send</button>
My Question is why isn't it breaking to the next line? Like:
<div>
<p>Hello:<b>Amber</b></p>
</div>
<hr>
<button>Lisa send</button>
Please help.
I thought it provide answers to a Large extent. Many just reply and some copy paste. However, I found a solution:
$author_code1 = null;
$author_code1 = $row["author_code1"];
$author_code1 = str_replace('\r\n','', $author_code1);
$author_code1 = str_replace('<',"<", $author_code1);
$author_code1 = str_replace('>',">", $author_code1);
$author_code1 = str_replace('</',"</", $author_code1);
<pre>
<code class="html hljs">
<!-- my db code -->
<?php echo $author_code1; ?>
<!-- my db code -->
</code>
</pre>
Very unusual question.
I came across some code some years in the pass that was including conditions and normal PHP syntax while echoing all content.
My question is how is that Technic/syntax called. I have been googling with some very broad terms and can't find what im looking for.
If my memory is correct, The code I viewed long time ago had un-escaped HTML and it was not required to start and stop PHP processing with <?php ?>
I Have a method within a class called Template\Labels::User()
the only purpose of that method is to echo the proper html to create a label within my webapp so that the pages are lighten of code and clear to anyone viewing the code.
Id like to avoid, having to <?php ?> for very simple boolean if
Any one know what I am looking for ?
static function User($UserObj,$isLink = true){
?>
<div class="image label bg-purple" style="margin: 4px;">
<?php if($isLink){
?><a href=""><?php
} ?>
<img src="<?php echo $UserObj -> ProfilePicture; ?>" style="height: 2em;" class="img-circle" alt="User Image">
<label style="font-size: 90%"><?php echo $UserObj->FirstName{0}.$UserObj->LastName{0}; ?></label>
<?php if($isLink){
?></a><?php
} ?>
</div>
<?php
}
Edited
After some more research by going through PHP documentation on Operator
I found Nowdoc string quoting
Can someone shed some light onto Nowdocs are to single-quoted strings what heredocs are to double-quoted strings. A nowdoc is specified similarly to a heredoc, but no parsing is done inside a nowdoc. The construct is ideal for embedding PHP code or other large blocks of text without the need for escaping. It shares some features in common with the SGML
http://php.net/manual/en/language.types.string.php#language.types.string.syntax.nowdoc
Its good that you added code to your question so that we can all see what you are dealing with here. Now to me what I understand with your question is that you want to avoid using php tags to echo some html code based on if condition.
<?php
static function User($UserObj,$isLink = true){
$html = '<div class="image label bg-purple" style="margin: 4px;">';
if($isLink) $html .= '<a href="">';
$html .= '<img src="'.#$UserObj->ProfilePicture.'" style="height: 2em;" class="img-circle" alt="User Image">';
$html .= '<label style="font-size: 90%">'.#$UserObj->FirstName[0].#$UserObj->LastName[0].'</label>';
if($isLink) $html .= '</a>';
echo $html;
}
?>
In my thinking I thought you should just have to run php tags once and use a simple variable to add your html code to so that you can print at the end of the function.
I didn't understand some of your images but all the same your issue is printing unescaped html in PHP. In other words you want to have raw html.
There are two functions am thinking of right now which you can use depending on your desired output: html_entity_decode() and htmlentities().
html_entity_decode() is the opposite of htmlentities() in that it converts all HTML entities in the string to their applicable characters.
<?php $orig = "I'll \"walk\" the <b>d
$a = htmlentities($orig);
$b = html_entity_decode($a);
echo $a; // I'll "walk"
echo $b; // I'll "walk" the <b>
?>
Ref: http://www.php.net/html_entity_decode
I hope this helps solve your issue of unescaped html.
I want to find content inside of a DIV. I just want to specify the DIV’s id; the rest is automatically adjusted under preg_match.
E.g.:
<div id="midbuttonarea" etc...>some text...</div>
Brenton is right. Anyway, here you have:
<?php
function findDivInnerHtml($html, $id){
preg_match("/<div .* id=\"{$id}\" .*>(.*)<\\/div>/i", $html, $matches);
return $matches[1];
}
?>
Sample usage:
<?php
$html = '<div id="other"> xxx </div> <div id="midbuttonarea" etc...>some text...</div> ';
$innerHTML = findDivInnerHtml($html, 'midbuttonarea');
echo $innerHTML; //outputs "some text..."
?>
Hope this helps.
You're much more likely to get a good result using an HTML parser to parse HTML instead of Regex. It's extremely difficult to parse HTML with Regex, and the result may not be very reliable.
Check the accepted answer to this question: How do you parse and process HTML/XML in PHP? for some suggestions on how to go about it.
I am building a picture gallery, that uses this code to display each product I have:
<div class="feature">
<imagetag alt="Image Caption"srcs="">
<div>
<p>
This is some information that can go along with an image.
Anything can be placed here, including images.
</p>
</div>
</div>
I need to create a while loop, that takes all the products in my database, and creates a div of the "feature" class for every instance. I have problems know exactly which symbols need to be escaped and etc. Your help is greatly appreciated.
here is my start:
<?php
($product_set = mysql_fetch_assoc($query)) {
print("<div class="feature"> <imagetage alt="Image Caption" srcs=$product_set[products_image]>"
);}
?>
If you are in a string, every doublequote should be escaped. Because it will close your string.
<?php
($product_set = mysql_fetch_assoc($query))
{
print "<div class=\"feature\"><img alt=\"Image Caption\" src=" . $product_set['products_image'] . ">";
}
?>
Fun thing is, I got a link from someone on stackOverflow about PHP templating. Which was using Smarty. So you don't have to use these print states anymore.
Have you tried:
print(htmlentities($my_html_string))
or htmlspecialchars? htmlentities converts all characters that have one to their HTML escape sequence, while htmlspecialchars converts only those that have meaning in HTML.
What is the easiest way to Html encode in PHP?
By encode, do you mean: Convert all applicable characters to HTML entities?
htmlspecialchars or
htmlentities
You can also use strip_tags if you want to remove all HTML tags :
strip_tags
Note: this will NOT stop all XSS attacks
Encode.php
<h1>Encode HTML CODE</h1>
<form action='htmlencodeoutput.php' method='post'>
<textarea rows='30' cols='100'name='inputval'></textarea>
<input type='submit'>
</form>
htmlencodeoutput.php
<?php
$code=bin2hex($_POST['inputval']);
$spilt=chunk_split($code,2,"%");
$totallen=strlen($spilt);
$sublen=$totallen-1;
$fianlop=substr($spilt,'0', $sublen);
$output="<script>
document.write(unescape('%$fianlop'));
</script>";
?>
<textarea rows='20' cols='100'><?php echo $output?> </textarea>
You can encode HTML like this .
Try this:
<?php
$str = "This is some <b>bold</b> text.";
echo htmlspecialchars($str);
?>
I searched for hours, and I tried almost everything suggested.
This worked for almost every entity :
$input = "āžšķūņrūķīš ○ àéò ∀∂∋ ©€ ♣♦ ↠ ↔↛ ↙ ℜ℞";
echo htmlentities($input, ENT_HTML5 , 'UTF-8');
result :
āžšķūņrūķīš ○ àéò ∀∂∋ ©€ ♣♦ ↠ ↔↛ ↙ ℜ℞rx;