PHP - Removing Extra White Space In Text Area Boxes

I'd like to use a text editor like this one: http://tinymce.moxiecode.com/examples/full.php for my forums.


But I am not sure exactly how I would prevent abuse and injects to messed up the page, rather than being contained in  the designated area it is meant for.


Could some   one please help me, I know htmlspecailchars will not work, since some of the code needs to render as html 

I’m trying to construct a button that simply writes an "aleph" character into a text area, see below. My code does not work, can anyone tell me why ? How should I fix it ?

<!DOCTYPE html>
<html>
<meta charset="UTF-8">
<head>
<title>Example</title>
<script type="text/javascript">
      //JavaScript code goes here
function insertAtEnd(text)
{
  var theArea = document.getElementById("thisArea");
  theArea.value += '' + text + '';;
 
}            
</script>
</head>
<body>
<input type="button" id="aleph" name="aleph" value="Write an aleph"
onClick="javascript:insertAtEnd(\'<span>&#x05D0;</span>\');return(false)" />
<textarea id="thisArea">  </textarea>


</body>
</html>

I have several lines of text formatted as such:
Code: [Select]
title text – some more text blah blah blah
How do I delete everything after title text from every line ( the and ndash and after)? 

Thanks!

I currently am working on a project where I code a "simple" telephone directory.

There are three main tasks that it needs to do:
1. Directory.php(index page) has a "First Name" and "Last Name" field and a search button. When a name is searched from the directory.txt file, it displays First Name, Last Name, Address, City, State, Zip and phone in findinfo.php in designated text boxes...first name, last name, etc.

2. From the findinfo.php, like previously stated, the users information is listed in the appropriate text boxes. From there, there is an update button that will overwrite the user's information to directory.txt if that button is selected. It will then say the write was sucessful.

3. (completed this step) From the index page, there is a link that will take you to addnew.php where you enter First Name, Last Name, Address, City, State, Zip and phone in a web form and write it to directory.txt.

 This is the php code for the third step:

<?php
$newentryfile = fopen("directory.txt", "a+");
$firstname = $_POST['fname'];
$lastname = $_POST['lname'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$phone = $_POST['phone'];
$newentry = "$firstname $lastname\n\r $address\n\r $city, $state $zip\n\r $phone\n\r";
if (flock($newentryfile, LOCK_EX)) {
if (fwrite($newentryfile, $newentry) > 0)
echo "<p>" . stripslashes($firstname) . " " .
 stripslashes($lastname) . " has been added to the directory.</p>";
else
echo "<p>Registration error!</p>";
flock($newentryfile, LOCK_UN);
}
else
echo "<p>Cannot write to the file. Please try again later</p>";
fclose($newentryfile);

if(empty($firstname) || empty($lastname) || empty($address) || empty($city) || empty ($state) || empty($zip) || empty($phone))
{
echo "<p>Please go back and fill out all fields.</p>";
}
?>


So to sum it all up, what would be my best approach? I am totally stumped and not sure which function to use. Should I work my way from step 1 to step 2? I see it as when I do the search for the name from directory.php, it takes me to findinfo.php, listing the users information in the text boxes. From there, if I needed to, having the user's information already listed I could hit the update button to overwrite the new information to directory.txt. Doing the update when then tell me that the write was successful.

I have literally been scouring the internet for hours. What would be the best function to do this? I hope I was clear enough. Please help me out and thank you for your time.

Hi i have this edit form that allows user to mofy data but the problems on the text box is that it deletes the rest of the data after the space from the first word i tried to increase the size of the varChars on mysql but did no work why it happens how can i stop from happening??

this the form input
<input type="text" name="name" id="name"  class='text_box' value="<?php echo $_GET['name'];?>"/>

Hi

I want this URL:

php.net/manual/en/function.explode.php

to become

php.net

using php ..

I tried with the explode fuction but couldnt get it to work ...
list ($finalurl, $blabla) = explode('/', $url);

Anyone have any tips?

Thanks in advance

I want to add a text area to this so when an Administrator of the site clicks the refusal button, they will be able to type in a reason for the refusal.

Code: [Select]
<?php
echo '<a href="adminDeleteGoodie.php?delete_id=' . $delete_s_find . '" onClick="return confirm(\'Are you sure you want to delete&nbsp;' . $makesure_s . ' from the Goodies Approval List? If so, please leave a reason for the upload being denied.   NEED A TEXT AREA RIGHT HERE    \');"><img src="images_new/remove.jpg" border="0" /></a>';
?>

Hello,

I have a field in which when a user types something into it, it saves it into a table in my SQL. But is it possible to remove a particular phrase from the field if the user enters it.

Example:

I have a text field that says 'please enter your website domain here'. The user then enters 'www.domain.com'. Is it possible for PHP to remove the 'www.' and only save the 'domain.com' to my SQL (bearing in mind that not all users may enter www.)

Here is the code for the text field:

Code: [Select]
<input name="website_name" type="text" class="text-box" id="website_name" value="<?php echo $website_name; ?>" size="24" />
Here is the code for the _POST:

if(isset($_POST['send']))
            {
$database->updateUserField($session->username, "website_name", $_POST['website_name']);
}

(the code so far all works fine - I just want to add an extra 'variable', if you will, to the code)

Thanks for your help!!

I need to remove some text from a php variable.

right now

$testv = <span id="sobi2Details_field_street">www.google.com</span>

I need to remove the <span id="sobi2Details_field_street"> and the </span> so im left with

$testv = www.google.com

Ok i have just installed anope irc services on my irc network and they use MySQL databases.

Through this, I can use the same info/passwords to link user/website accs.

However it stores passwords as md5:someHashHere

How would i get a php script to remove the md5: from the start, or would it just be easier checking against md5:$md5(enteredpassword)?

Hi,

I've been asked to modify a section on a site for a local club.

Basically, I've been asked to improve the name input section (a user may have to input up 15 names in one visit to the site).

At the moment the site works like this:
The user enters one members first name in one form box, then the surname in another, then presses "add name" which adds it to the list.

What i want to be able to do (and i'm sure i've seen it somewhere), is have the user enter the list of names into one big text area: Type in the first name then the surname, hit enter for a new line in the text area then type the next name....etc. When the list is complete press "add names" button.

Is there a name for this type of input? And does it work on the following principle:
1. The entire text sent from the text area can be exploded into an array using the line break as the delimiter
2. Each value in the array is then the first name and second name.
3. I can then explode each value further now using the space as the delimiter.
4. I am left with a bunch of arrays containing the first name in one value and the surname in the second

Any help or pointers here would be class

Cheers,

John

Note that my code still use the old mysql query and I am aware of that. I want to migrate it to mysqli soon but it will have to wait until I learn how to do so. Meanwhile, please help me with the code that I have now. Thank you    I've looked around the internet to find how to do this and I found two methods:   htmlspecialchars(); and mysql_real_escape_string();   I wrapped my text into one of the two function in order to pass in text with apostrophe in it to the database.   However I encountered a problem.   With mysql_real_escape_string, I got the desired effect that I want but the problem is that, the function also apply its effect onto html img tag. So <img src="test"> turns into <img src=/"test/"> and therefore images (and also links) will not appear.   With htmlspecialchars, again I got the desired function that I want which is to pass in apostrophe into the database. The problem with this is that when I pull the data out from the database and echo it onto my page, it doesn't render and show as a plain html code.   What confuse me a lot is that, it works fine inside my localhost.   Please help  Thank you!  Attached Files  content-insert.php   3.92KB   4 downloads

How can I make this textarea box height larger? The width is fine but I need to make it a little taller so I don't have to scroll to see what I've typed in. Thanks

Code: [Select]

<tr>
<td colspan="4"><b>Notes:</b>
<textarea style= "width: 100%"> </textarea>
</td>
</tr>

Merry xmas and happy new in advance to you all.

I have a web form where user submit an ad. Everything is working just fine. However there is a field name brief. The brief field is where user add info about their ad. Now people are including web url, phone numbers and email address in this field which make the ad look like spam.

In the code there is already a function that check if they have entered their email address in the email field. I want to add a function to the check field to include the brief field. The function should either automatically delete any phone number/email addr/web url or replace with with my website name if detected in the brief field.

Your help will be highly appreciated.
Code: [Select]
<?php
 function check_fields()
{
global $db_entry, $visible_val, $cat_fields, $email, 
$HTTP_POST_VARS, $photos_count, $phptomaxsize, $userfile, $prviewphotomax,
$incl_prevphoto, $incl_mtmdfile, $mtmdfile_maxs, $userfile_name, $select_text, $msg2;



if(!get_magic_quotes_gpc())
{

foreach ($HTTP_POST_VARS as $key5 => $value )
{
$HTTP_POST_VARS[$key5]=addslashes($HTTP_POST_VARS[$key5]);
}
}

foreach ( $cat_fields as $key => $value )
{
$HTTP_POST_VARS[$key]=ereg_replace('<', '&#38;#060;', $HTTP_POST_VARS[$key]);
$HTTP_POST_VARS[$key]=ereg_replace('>', '&#38;#062;', $HTTP_POST_VARS[$key]);

if ($cat_fields[$key][2]=="minmax")
{ $HTTP_POST_VARS[$key]=ereg_replace(',', '', $HTTP_POST_VARS[$key]); 

$HTTP_POST_VARS[$key]=preg_replace ('/[A-Za-z]|\$|,|\?|\+/', "", $HTTP_POST_VARS[$key]);

}

if ($cat_fields[$key][4]=="date")
{ 
$key_d=$key."_dd"; $key_m=$key."_mm"; $key_y=$key."_yy";
$HTTP_POST_VARS[$key]=$HTTP_POST_VARS[$key_y]."-".$HTTP_POST_VARS[$key_m]."-".$HTTP_POST_VARS[$key_d];

if (($HTTP_POST_VARS[$key_m] > 12)  or ($HTTP_POST_VARS[$key_m] < 1) or
($HTTP_POST_VARS[$key_d] > 31) or ($HTTP_POST_VARS[$key_d] < 1) 
or ($HTTP_POST_VARS[$key_y] < 1))
{
$message="
<center>
<font class='msgf2' >
  ".$msg2['incorr_date_f']."  ".$cat_fields[$key][0]."  </font>
</center>
"; 
output_mssg_ex($message);
return;
}

 
}

if ($cat_fields[$key][4]=="checkbox")
{
$aa5=split('<option>',$cat_fields[$key][7]);
$i_aa5=0;
foreach ($aa5 as $value1)
{
$i_aa5++;
$namechbx=$key.$i_aa5;
if ($HTTP_POST_VARS[$namechbx]!="")
{$HTTP_POST_VARS[$key]=$HTTP_POST_VARS[$key].$HTTP_POST_VARS[$namechbx]."; ";}
}
}


$str_length1=strlen($HTTP_POST_VARS[$key]);
$aa4=split(':',$cat_fields[$key][3]);
$fmaxsize=$aa4[1];
if ($aa4[2]!="") $fmaxsize=$aa4[2];

$fmaxsize=2*$fmaxsize;

if ( $str_length1 > $fmaxsize)
{
$message="
<center>
<font class='msgf2' >
  ".$msg2['Ad_info_in_field']." <font class='msgf1' >".$cat_fields[$key][0]." </font> ".$msg2['is_too_large_inf']."</font>
</center>
";
output_mssg_ex($message);
return;
}

if ($HTTP_POST_VARS[$key]==$select_text)
{$HTTP_POST_VARS[$key]="";}

if ($cat_fields[$key][5]=='1')
{
if (( $HTTP_POST_VARS[$key]=="") or ( $HTTP_POST_VARS[$key]=="http://"))
{
$message="
<center>
<font class='msgf2' >
  ".$msg2['Ad_field_c']." <font class='msgf1' > ".$cat_fields[$key][0]." </font> ".$msg2['was_mising_on_form']."</font>
</center>
";
output_mssg_ex($message);
return;
}
}
}
if ($cat_fields['email'][5]=='1'){
$HTTP_POST_VARS['email']=check_email($HTTP_POST_VARS['email']);
}

for ($i=1; $i<=$photos_count; $i++)
{
$i1=$i-1;
if (file_exists($userfile[$i1])){
if (filesize($userfile[$i1]) > $phptomaxsize)
{
$phptomaxsize1=$phptomaxsize/1000;
$message="
<center>
<font class='msgf2' >
  ".$msg2['Your_photo_n']." $i  ( ".$userfile_name[$i1]." )  ".$msg2['is_too_large_ph']." < $phptomaxsize1 
".$msg2['Kbyte_v'].".
</font></font>
</center>
";
output_mssg_ex($message);
return;
}
}
}
 
if ($incl_prevphoto=="yes")
{
$i1++;
if (file_exists($userfile[$i1])){
if (filesize($userfile[$i1]) > $prviewphotomax)
{
$prviewphotomax1=$prviewphotomax/1000;
$message="
<center>
<font class='msgf2' >
  ".$msg2['Your_preview_photo_d']." ( ".$userfile_name[$i1]." ) ".$msg2['is_too_large_prph']."
 < $prviewphotomax1 ".$msg2['Kbyte_v'].".
</font></font>
</center>
";
output_mssg_ex($message);
return;
}
}
}
if ($incl_mtmdfile=="yes")
{
$i1++;
if (file_exists($userfile[$i1])){
if (filesize($userfile[$i1]) > $mtmdfile_maxs)
{
$mtmdfile_maxs1=$mtmdfile_maxs/1000;
$message="
<center>
<font class='msgf2' >
  ".$msg2['Your_multimedia_file']." ".$userfile_name[$i1]."
 ".$msg2['is_too_large_mmf']." < $mtmdfile_maxs1 ".$msg2['Kbyte_v'].".
</font></font>
</center>
";

output_mssg_ex($message);
return;
}
}
}

 
}
 
function checknusrads()
{
global $cat_fields, $table_ads, $ct, $page, $adsonpage,
$html_header, $html_footer, $usrads_chcktime, $usrads_max, $categories,$ch_nmusr,
$REMOTE_ADDR, $msg2, $msg, $templ, $indx_url; 

$timech1=time() - $usrads_chcktime*86400;
$sql_query="select count(idnum) from $table_ads where
 ipaddr1='$REMOTE_ADDR' and time > $timech1";
$sql_res=mysql_query("$sql_query");
$row=mysql_fetch_row($sql_res);
$count=$row[0];

if ($count >= $usrads_max)
{
$message="
<font class='msgf2'>
<center> 
".$msg2['exceeded_max_n_ads']." ($usrads_max) ".$msg2['allowed_per_time_p']." ($usrads_chcktime ".$msg2['days_v']." 
<p>
<font class='stfnt'>
<a href='{$indx_url}md=browse&ipaddr1=$REMOTE_ADDR&visunvis=1'>".$msg2['Click_here_v']." </a>
".$msg2['to_see_your_ads']." 
</font>
 
</center>
</font>
";

$thtml= "
<center><table width='400'><tr><td>
<font class='stfntb'>
<b><a href='$indx_url'>".$msg['top'].":</a></b></font>
&nbsp; 
<font class='stfntb'> 
<b>&nbsp; 
<a href='{$indx_url}ct=$ct'>".$categories[$ct][0]."
</b></a> 
</font> 
<hr size='1'><p>
$message
<p><hr size='1'>
</tr></td></table>
</center>
";
 
include($templ['msg']);
return;
}
}

function check_duplication()
{
global $pradsdupl, $HTTP_POST_VARS, $table_ads, $msg2, $ct, $indx_url;

 

if ($pradsdupl=='yes'){

$email_d=$HTTP_POST_VARS['email'];
$title_d=$HTTP_POST_VARS['title'];

$dupl_k="0";

$time1=time() - 1000;
$sql_query="select idnum from $table_ads where title='$title_d' and  email='$email_d' 
and catname='$ct' and (time > $time1)";
$sql_res=mysql_query("$sql_query");
while ($row = mysql_fetch_array ($sql_res))
{
$dupl_id=$row['idnum']; $dupl_k="1";
}

if ($dupl_k=="1"){
global $moderating;
$title_d=stripslashes($title_d);
if ($moderating!="yes"){
$ttlad1="<a href='{$indx_url}md=details&ct=$ct&id=$dupl_id'>$title_d (ID# $dupl_id)</a>";
}
else {$ttlad1="<font color='#000077'>$title_d (ID# $dupl_id)</font>";}

$message="
<center>
<font FACE='ARIAL, HELVETICA' COLOR='#880000' >
 <b> ".$msg2['tried_duplicate_ad']." <br>
 $ttlad1
</font></b></font>
</center>
";

output_mssg_ex($message);
return;
}

}
}

function submit_ad()
{
global $db_entry, $visible_val, $cat_fields, $email, $HTTP_POST_VARS, $ch_nmusr,
 $photo_url, $photo_path, $id_count, 
$userfile, $userfile_name, $visible_val, $html_header, $html_footer, $msg, $msg2, $paymgtw,
$photos_url, $photos_path, $photos_count, $moderating, $ad_idnum, $sndadmnotif,$use_spmg, $templ;

global $actadoptv; if($actadoptv=="yes"){$moderating="yes"; include_once("actlink.php");}

global $usevrfcode;
if ($usevrfcode=="yes"){include_once("vrfuncs.php"); if(!ch_vrcode()){return;}}

if($paymgtw=="yes"){include("ecmc.php"); check_pmsubmit();}

if ($ch_nmusr=="yes"){checknusrads();}

check_fields();

?>
 

Many thanks again

This topic has been moved to PHP Regex.

http://www.phpfreaks.com/forums/index.php?topic=308166.0