shadowx
Jun 1 2006, 01:01 PM
Hello everyone Im TRYING to make a forum and obviously for security i need to disable HTML tags being used in posts. i know how to use the str_replace() function but to be honest i think id have to do that for every single tag. I also trued using the html CODE <XMP> stuff </XMP> tag but i need to be able to use the new line tag to make a new line as all the posts are stored as HTML. if this isnt clear let me give an example: QUOTE
NEW POST PAGE > user makes new post and posts it > PHP PROCCESSOR PAGE MAKES HTML FILE > NEW HTML FILE CONTAINING THE POST > user veiws the post using a php page to retrieve the html and display it
hopefully that explains it better. so unless i can find another way of putting lnie breaks into the mesage i need to disable all html tags except the new line tag. im begining to think that html might not be ideal for storing the message data, but i was sure that an sql table had a character limit of 255 characters or am i wrong? Thanx in advanced
Reply
rvalkass
Jun 1 2006, 04:22 PM
Virtually ever single forum script out there uses a database, whether that be MySQL, SqLite, PostgreSQL or another system. As far as I am aware there isn't a character limit of 255 on things like the TEXT datatype in MySQL. This is how most forums store their post content, and it allows you to have long posts with no character limit, although many forums impose a character limit due to database size restrictions. As for the removing HTML tags, your best bet would be to remove all tags, so < anything > and then replace a linebreak with a special character, like the ¦ symbol. Then when you load the post, remove that symbol and replace it with a linebreak tag. If not then look at some tutorials or other forum scripts and see how they do it.
Reply
shadowx
Jun 1 2006, 06:42 PM
QUOTE(rvalkass @ Jun 1 2006, 05:22 PM) 
Virtually ever single forum script out there uses a database, whether that be MySQL, SqLite, PostgreSQL or another system. As far as I am aware there isn't a character limit of 255 on things like the TEXT datatype in MySQL. This is how most forums store their post content, and it allows you to have long posts with no character limit, although many forums impose a character limit due to database size restrictions.
As for the removing HTML tags, your best bet would be to remove all tags, so < anything > and then replace a linebreak with a special character, like the ¦ symbol. Then when you load the post, remove that symbol and replace it with a linebreak tag. If not then look at some tutorials or other forum scripts and see how they do it.
Humm...i might give the database idea a go it would savea lot of hassle i guess it just made me think also with this forum that it seems to have each post stored as a HTML file, if you look at the address bar its topicname12345.html where 12345 is a random number. I shall try using the database and such i think. God knows where i got the idea of a character limit then! thanx
Reply
electriic ink
Jun 1 2006, 06:53 PM
The topics aren't stored as html pages but in databases as rvalkass mentioned. The links to html pages that you see on the D2-Latest Topics Mod at the bottom and everywhere else are all virtual and are formed, somehow, using apache. To prove that they aren't proper pages but virtual, visit the URL below: http://www.trap17.com/forums/HEY_LOOK_I_CA...URL-t37546.html
. As for trying to stop people utilising html, try this code: CODE <? $post = str_replace ('<', '<', $post); $post = str_replace ('>', '>', $post); ?> And for making new lines in the textbox turn into <br />CODE <? $post = nl2br ($post); ?> To make it so that the break tag appears in HTML format rather than XHTML format, add the following code afterwards: CODE <? $post = str_replace ('<br />', '<br>', $post); ?> $post being whatever the variable containing the post's data is and < and > are the ASCII codes for < and > so they won't render as html.
Reply
arcticsnpr
Jun 1 2006, 07:03 PM
i think all your looking for is one small funcion: CODE htmlspecialchars(data); I'm not sure if this is what you are looking for, but what this does is takes any html tags and puts them into english, so it will print out the html. , arctic
Reply
shadowx
Jun 1 2006, 09:14 PM
thanks for that electriic ink it makes sense, i think ill use a database and some of the functions below to strip the HTML and then do it that way. i learn something new every day! stil lhave no idea how i got the whole 255 character limit thing from though...it puzzled me how forums worked i just assumed they used some kind of file to store the data in, now i know differently!
Reply
Spectre
Jun 1 2006, 09:54 PM
Little off-topic, but Trap17's method could be repeated using Apache's mod_rewrite (I'm not 100% sure what path Trap17 takes, but I'm assuming it would similar to this): CODE RewriteRule ^/?forums/(.*)-t([0-9]*)\.html$ /path/script.php?tid=$2 [L,QSA] This completely disregards the actual path, only taking into consideration the numbers which appear after the '-t' and before the '.html', and passing that value onto '/path/script.php' which can then do with it as it will. This URL rewriting is done on Trap17 purely for SEO purposes; there are many other things you could use it for, though.
Reply
BuffaloHELP
Jun 1 2006, 11:15 PM
Regretfully going off topic here. Trap17's forum, Invision, has built-in "disable HTML tags" under admin control. However, I'm sure when the admin's control is triggered it uses some reliable stripping method to cancel out the < html command > and post it as plain text.
Reply
beeseven
Jun 1 2006, 11:36 PM
arcticsnpr is right, htmlspecialchars or htmlentities will convert < and > to < and >. It will also convert other things which you can find here: http://us2.php.net/manual/en/function.htmlentities.php
Reply
Tyssen
Jun 2 2006, 02:23 AM
If you want to remove all HTML, you can use the strip_tags function: http://au3.php.net/strip_tags
Reply
Recent Queries:--
i want to parse the data in alt tag using php - 18.07 hr back. (1)
-
using php to disable from display - 22.13 hr back. (1)
-
cancel html tags php - 28.98 hr back. (1)
-
disable html:file tag - 30.48 hr back. (1)
-
php disbaling html in forms - 37.42 hr back. (1)
-
strip html tags from pdf file - 39.44 hr back. (1)
-
php disabling short tag - 57.81 hr back. (1)
-
strip php/html tags from input - 58.05 hr back. (1)
-
html tag to disable parsing - 58.43 hr back. (1)
-
disable html php - 65.46 hr back. (1)
-
php disable html tags - 80.41 hr back. (1)
-
tinymce disable ansi characters - 103.41 hr back. (1)
-
ipb disabling url tag - 118.81 hr back. (1)
-
disabling xmp files - 129.65 hr back. (1)
Similar Topics
Keywords : php, disabling, html, tags
- Html Form!
Using MySQL?! (4)
How Do I Get The Result To "stick" And Add Html Tags?
Help please? (14) $changepage = $_REQUEST ; echo " $changepage "; ?> Okay, I need a
way for any information typed in my textarea to "stick" on the page in which it "posts". Since I am
creating a way for my registered users to decorate their "homepages". So any help, tutorials, etc.
would be greatly appreciated. ^^ Thanks.....
File Checker-how To Check File Whith Html Through Html?
(2) edit:sorry for the mistake it is php not html and its with not whith my code checking script= CODE
<?php $file = '$CHECK'; if (file_exists($file)) {
echo "The file $filename exists"; } else { echo "The file $filename
does not exist"; } ?> my question is how to check the file whith html example:on a page
a text box is provided and a button the user writes a file name (or website) the user clicks on the
submit button then it checks and show it (with the code above) i got the code C....
Html Code Tester. Online Script
(15) Yes, yes. I have another script that I have written and I am distributing. I am not entirely sure if
this works. I have not tested it yet, but I will later and post back with a demo and fix it up.
Current script: CODE <?php //Save this as something like htmltest.php function
CheckForm() { $html_unsafe=$_POST['code']; //Gives us our user
input $html_safe=str_replace("<?php"," ",$html_unsafe);
//Starts security measures $html_safe=str_replace("?>","
",$html_sa....
Html Site With Login
Is it possible? (2) Hello. I´m building my own site and I need some help... Is it possible to use a login sistem in php
and mysql database in a html site? ....
Script To Translate Into Bbcode From Html Tags
(1) I was wanting to know how to make a form like they use here for the website form. I want to be able
to turn stuff in to bbcode. If you know how or would be willing to write the script for me could
you email me. will@darkzone3.com . I am william to give all credit to who ever makes it. and i can
put a link back to a site if you want. Please be specific with the topic title. "Help" is never a
good topic title. This is explained in our forum rules. Title modified. ....
<?php ?> Marking Up With Php
How to simply add HTML tags with PHP (0) Just a simple function to mark your queries /smile.gif" style="vertical-align:middle" emoid=":)"
border="0" alt="smile.gif" /> CODE <?php $uzorak = 'Hosting credit'; //use
post to get $uzorak variable $tapeti = "Hosting credits are collected by posting at
the forums. The hosting credits are given after your posts are filtered and depending on its size,
you get proportional hosting credits. Once you get the required credits you can post an application
for hosting. One of our admins will then approve your application after which you c....
Help With Moving Html Form Results To Shopping Cart?
(3) Hello All- So I think I'm tackling a pretty big project here and was looking for some help... I
am fairly new to extensive coding (beyond HTML and a little bit of JavaScript) and wanted to know
how I can recall HTML form results on the next page (in a shopping cart) with a price based on the
choices picked in the form. It sounds complicated...look at this example: Check out this page:
http://www.plugcomputers.com/intelprobuild.php See how when the user goes through and picks all
their computer parts a price at the bottom shows the system price based on their sel....
A Script To Close All Bbcode Tags In Php
can you help me write one? (1) ok, ive got a chat that I made from scratch in flash. Its actually pretty damn cool! I just
coded it so bbcode is allowed, but ive got a sligt problem. if sobody dosnt close a tag, then the
tag stays active for the following messges. /sad.gif" style="vertical-align:middle" emoid=":("
border="0" alt="sad.gif" /> , so i thout, why not add the end of every tag, at the end of every
message example: CODE [/b][/u][/i][/url][/color]
but then i relized, flash's html encoding is very propor, and all tags must be closed....
[help]: Php To Html (static) Converter
I need help to use PHP to HTML Conversion (3) Hello Guys, I want to use PHP 2 HTML Conversion for my PHP-Nuke CMS And my PHPbb or IPB Forum, but
don't know or does't have any idea about it. If any know about it than please tell me. In
Trap17.com forum PHP to HTML (Static) conversion example is their, you can see it on your Address
bar, Same thing i want to use with my PHP Codes........ Thanks in advance, i am waiting for your
suggestion....
Logging Dowload Files From Your Server Onto A Html File
(1) Well, i had the idea of logging the downloads from my web in a html file few weeks ago, and i solved
it with a lil php page included in my homepage. You could name the links with a name like
"download.php?file=filename.ext" and then, in the download.php put the next code: (well you put
the html and head and body tags if u want, i only write the php here) CODE <? if
(isset($_GET['file']))
$file=$_GET['file']; //so it gets the GET data from url
(file=filename.ext); $ip=$_SERVER[....
Parsing Html As Php
and XAMPP as the server version on Windows (7) On my Trap17 account here, I have an .htaccess file with the following declaration which (I think)
forces all html files to be parsed by the PHP Parsing engine and therefore I can insert snippets of
php scripts into html files. CODE AddType application/x-httpd-php .html .htm However, when I
add an .htaccess file to the local directory of the version of XAMPP on my local machine, it fails.
I have tried to add the .htaccess file to the htdocs folder and elsewhere, but it still doesn't
work to parse html through the php parser. Any ideas on how to get these htm....
Adapting Html Code Embed To Work On Phpnuke
Help With This Html Code Pls (7) QUOTE how can get this html code to work on my phpnuke site? what tags would i
have to enable in the $Allowable HTML part of my config.php file?? Edited topic title. Moved
to Programming. ....
Finding Data In Meta Tags
using php to search Meta Tags for data (0) In the Head portion of an Html file, there are usually several Meta Tags that contain data about
various things, like the tag for keywords, an Author's name or maybe a description field. Here
are two example Meta tags: HTML meta name =" Keywords " content=" keyword1, keyword2 " />
meta name =" Description " content=" A Description of the file's content is here " /> So,
what I have a question about concerns checking a file to see what information is included in these
tags and using that information as variables or content in the output of the page....
Php And Asp.net Form
server control html component (6) does this sort of feature can be done in php. http://www.w3schools.com/aspnet/aspnet_forms.asp or
how and what are the differences.. thanks /huh.gif' border='0' style='vertical-align:middle'
alt='huh.gif' /> ....
Html Within Php Coding
Is there a way to read HTML Code? (11) Is there a way to have PHP read a text file, which contains HTML Code, not text to display. This
way i have a simple code in every page, linking to this text file, and then if i'm wanting to
change the code, i only need to change the code in the text file. If that all makes sense?
/biggrin.gif' border='0' style='vertical-align:middle' alt='biggrin.gif' /> I get the feeling it
can be done, but the only code i have seen is one that displays the contents of the text files.....
Parsing .html Pages
(9) This isn't really that urgent but I was wondering, I read somewhere that you can configure you
server to pars all html pages for php code, and I was wondering if that was true, and if trap17 has
that feature enabled?....
Best Php/html
(2) I'm wondering what open source converters are out there already. I'm generating legal
documents that require names addresses etc. I want the ability for the end user to modify the base
document whenever they require. I plan to use the TinyMCE WYSIWYG editor to let the users edit each
page. I will populate names and addresses dynamically based on tags in the text. Is there something
good out there that will convert the html to pdf reliably? ....
Executing Scripts Without Include() Function
php function to execute a script w/o showing html markup (3) Hi guys. I have another newbish PHP question. /laugh.gif' border='0' style='vertical-align:middle'
alt='laugh.gif' /> Today, I decided to make a new navigation bar for my site. It doesn't look
good because I just started learning Flash today, so I was basically feeling my way around the
application. Anyways, if you use Flash and you try to validate your site at http://w3.validator.org
, you get a lot of errors for some weird reason. So I was thinking about separating the markup for
embed Flash from the rest of the site's source code. The problem with that i....
Html Font Tags In Php
editing fonts using html? (11) I have a php script thats is fully written in php (no html at all). Now for my question, how can i
edit the fonts? Ill make it easier to understand, the following is a data script (found the
script): CODE <? $mese[0]="-"; $mese[1]="January";
$mese[2]="February"; $mese[3]="March";
$mese[4]="April"; $mese[5]="May";
$mese[6]="June"; $mese[7]="July";
$mese[8]="August"; $mese....
Html Frames
how do i wrap html into php (7) hi all what i want to know is does anybody know a way to input html code into php /blink.gif'
border='0' style='vertical-align:middle' alt='blink.gif' /> because i want to bulid a website
using frames but i wish for with to run using php or if theres a way of creating frames using php
that would be better for me. if any of u people got some good advice or links please reply. Thanks
/ph34r.gif' border='0' style='vertical-align:middle' alt='ph34r.gif' /> ....
Html To Php Questions
(3) Hi, I would like to know if it is safe to change HTML files to PHP files by just changing the
dotHTML extension to dotPHP?? I tried it to a single html file because i used a php code of blog,
and it worked. I'm using Internet Explore version 6 and it's working fine. I would like to
know if the PHp files would work for other browsers after changing dotHTML to dotPHP extension.
Thanks....
ansi 2 html
(1) well im starting to use my old ansi parser to display ansi charactors on websites as though they
were txt.. php is neat about lett me doing that... except i forgot exactly how i did it before.. if
anyone has any idea where to get started let me know please....
Looking for php, disabling, html, tags
|
|
Searching Video's for php, disabling, html, tags
|
advertisement
|
|
