PHP - Include Php Tags In A Text Area!
Hi!
I have a text area on my webpage which takes in user php scripts and produces an output in an adjacent window. I am trying to find out how I can auto include some php tags into the input text area so that the user doesn't have to keep typing them in every time. Code: [Select] <form name="form1" method="post" ACTION="editor.php"> <textarea rows="10" cols="60" id="code" name="code"></textarea> <span class="submitbutton">Test code</span> </form> Thanks in advance, Jay Similar TutorialsHi, I'm not sure if this should be in PHP or HTML so apologies if it's in the wrong area. I have a form with a text area element but when the text is submitted, tags such as <br> aren't included so the outputted text is never formatted correctly such as there being no paragraphs. Is there a way make sure such tags are included in the output text? Ta. Are there any problems with calling an include file from within the <header> tags? The reason I'm asking is that I'm trying to load a speficied Style sheet based on a user's location and so I'm running a short script to determine which Style sheet needs to be displayed ... and that script is called from within the header tag. I haven't heard of any problems with doing this in the past, but the script seems to be generating an extra set of <HTML> tags in my source code and I can't figure out why this might be! Thanks, I'd like to use a text editor like this one: http://tinymce.moxiecode.com/examples/full.php for my forums. But I am not sure exactly how I would prevent abuse and injects to messed up the page, rather than being contained in the designated area it is meant for. Could some one please help me, I know htmlspecailchars will not work, since some of the code needs to render as html I’m trying to construct a button that simply writes an "aleph" character into a text area, see below.
My code does not work, can anyone tell me why ? How should I fix it ?
<!DOCTYPE html> <html> <meta charset="UTF-8"> <head> <title>Example</title> <script type="text/javascript"> //JavaScript code goes here function insertAtEnd(text) { var theArea = document.getElementById("thisArea"); theArea.value += '' + text + '';; } </script> </head> <body> <input type="button" id="aleph" name="aleph" value="Write an aleph" onClick="javascript:insertAtEnd(\'<span>א</span>\');return(false)" /> <textarea id="thisArea"> </textarea> </body> </html> I want to add a text area to this so when an Administrator of the site clicks the refusal button, they will be able to type in a reason for the refusal. Code: [Select] <?php echo '<a href="adminDeleteGoodie.php?delete_id=' . $delete_s_find . '" onClick="return confirm(\'Are you sure you want to delete ' . $makesure_s . ' from the Goodies Approval List? If so, please leave a reason for the upload being denied. NEED A TEXT AREA RIGHT HERE \');"><img src="images_new/remove.jpg" border="0" /></a>'; ?> Note that my code still use the old mysql query and I am aware of that. I want to migrate it to mysqli soon but it will have to wait until I learn how to do so. Meanwhile, please help me with the code that I have now. Thank you
I've looked around the internet to find how to do this and I found two methods:
htmlspecialchars();
and
mysql_real_escape_string();
I wrapped my text into one of the two function in order to pass in text with apostrophe in it to the database.
However I encountered a problem.
With mysql_real_escape_string, I got the desired effect that I want but the problem is that, the function also apply its effect onto html img tag. So <img src="test"> turns into <img src=/"test/"> and therefore images (and also links) will not appear.
With htmlspecialchars, again I got the desired function that I want which is to pass in apostrophe into the database. The problem with this is that when I pull the data out from the database and echo it onto my page, it doesn't render and show as a plain html code.
What confuse me a lot is that, it works fine inside my localhost.
Please help
Thank you!
Attached Files
content-insert.php 3.92KB
4 downloads How can I make this textarea box height larger? The width is fine but I need to make it a little taller so I don't have to scroll to see what I've typed in. Thanks Code: [Select] <tr> <td colspan="4"><b>Notes:</b> <textarea style= "width: 100%"> </textarea> </td> </tr> Hi, I've been asked to modify a section on a site for a local club. Basically, I've been asked to improve the name input section (a user may have to input up 15 names in one visit to the site). At the moment the site works like this: The user enters one members first name in one form box, then the surname in another, then presses "add name" which adds it to the list. What i want to be able to do (and i'm sure i've seen it somewhere), is have the user enter the list of names into one big text area: Type in the first name then the surname, hit enter for a new line in the text area then type the next name....etc. When the list is complete press "add names" button. Is there a name for this type of input? And does it work on the following principle: 1. The entire text sent from the text area can be exploded into an array using the line break as the delimiter 2. Each value in the array is then the first name and second name. 3. I can then explode each value further now using the space as the delimiter. 4. I am left with a bunch of arrays containing the first name in one value and the surname in the second Any help or pointers here would be class Cheers, John I'm trying to retrieve the text from a text area and put this in a PHP variable without submitting the form. The text is provided by a database and I want to format it for the user. How can I do this with PHP? So basically: Code: [Select] <form id="createForm" name="createForm" method="post" action=""> <textarea name="subjectTextArea" id="subjectTextArea" cols="45" rows="5"> This is the text I want to put in a PHP variable before the form is submitted. </textarea> </form> <?php $txtArea = ? ?> Thanks for the help. Hi, I am trying to make a php website to create listings however I am having problems with the following code: <?php require_once("/home/a9653716/public_html/functions.php"); if(!$_SESSION['uid']){ header("Location: index.php"); } $id = mss($_GET['id']); if ($id) { $sql = "SELECT * FROM `forum_sub_cats` WHERE `id`='" . $id . "'"; $res = mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($res) == 0) { echo "The forum you are trying to create a topic on, does not exist!\n"; } else { $row1 = mysql_fetch_assoc($res); if ($row1['admin'] == 1 && $admin_user_level == 0) { echo "You are not an administrator, therefore you cannot post on this forum!\n"; } else { if (!$_POST['submit']) { echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n"; echo "<form method=\"post\" action=\"./index.php?act=create&id=".$id."\">\n"; echo "<tr><td>Forum Sub Category</td><td><select name=\"cat\">\n"; $sql2 = "SELECT * FROM `forum_cats` WHERE `admin` < " . $admin_user_level . "+1"; $res2 = mysql_query($sql2) or die(mysql_error()); while ($row = mysql_fetch_assoc($res2)) { $sql3 = "SELECT * FROM `forum_sub_cats` WHERE `cid`='" . $row['id'] . "'"; $res3 = mysql_query($sql3) or die(mysql_error()); echo "<option value=\"0\">" . $row['name'] . "</option>\n"; while ($row2 = mysql_fetch_assoc($res3)) { $selected = ($row2['id'] == $id) ? " SELECTED" : ""; echo "<option value=\"" . $row2['id'] . "\"" . $selected . "> " . $row2['name'] . "</option>\n"; } } echo "</select></td></tr>\n"; echo "<tr><td>Topic Title</td><td><input type=\"text\" name=\"title\"></td></tr>\n"; ?> <script>edToolbar('message'); </script> <?php echo "<tr><td>Message</td><td><textarea id=\"message\" name=\"message\" class=\"ed\"></textarea></td></tr>\n"; echo "<tr><td>Tags (Seperate with commas)</td><td><input type=\"text\" name=\"tags\"></td></tr>\n"; echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n"; echo "</form></table>\n"; } else { $cat = mss($_POST['cat']); $title = mss($_POST['title']); $msg = mss($_POST['message']); $tags = mss($POST['tags']); if ($cat && $title && $msg && $tags) { $sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'"; $res = mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($res) == 0) { echo "This forum sub category does not exist!\n"; } else { $row = mysql_fetch_assoc($res); if ($row['admin'] == 1 && $admin_user_level != 1) { echo "You are not an admin therefore you cannot post a new topic on this forum!\n"; } else { if (strlen($title) < 3 || strlen($title) > 32) { echo "The title must be between 3 and 32 characters!\n"; } else { if (strlen($msg) < 3 || strlen($msg) > 10000) { echo "The message must be between 3 and 10,000 characters!\n"; } else { if (strlen($tags) < 2 || strlen($tags) > 200) { echo "You must submit at least 1 tag and the total length mustn't be more than 200 characters!\n"; } else { $date = date("m-d-y") . " at " . date("h:i:s"); $time = time(); $sql2 = "INSERT INTO `forum_topics` (`cid`,`title`,`uid`,`date`,`time`,`message`,`tags`) VALUES('" . $cat . "','" . $title . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time . "','" . $msg . "','" . $tags . "')"; $res2 = mysql_query($sql2) or die(mysql_error()); $tid = mysql_insert_id(); topic_go($tid); } } } } } } else { echo "Please supply all the fields! \n"; } } } } } else { if (!$_POST['submit']) { echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n"; echo "<form method=\"post\" action=\"./index.php?act=create\">\n"; echo "<tr><td>Forum Sub Category</td><td><select name=\"cat\">\n"; $sql2 = "SELECT * FROM `forum_cats` WHERE `admin` < " . $admin_user_level . "+1"; $res2 = mysql_query($sql2) or die(mysql_error()); while ($row = mysql_fetch_assoc($res2)) { $sql3 = "SELECT * FROM `forum_sub_cats` WHERE `cid`='" . $row['id'] . "'"; $res3 = mysql_query($sql3) or die(mysql_error()); echo "<option value=\"0\">" . $row['name'] . "</option>\n"; while ($row2 = mysql_fetch_assoc($res3)) { $selected = ($row2['id'] == $id) ? " SELECTED" : ""; echo "<option value=\"" . $row2['id'] . "\"" . $selected . "> " . $row2['name'] . "</option>\n"; } } echo "</select></td></tr>\n"; echo "<tr><td>Listing Title</td><td><input type=\"text\" name=\"title\"></td></tr>\n"; echo "<tr><td>Message</td><td><textarea id=\"markItUp\" name=\"message\" style=\"width:300px;height:100px;\"></textarea></td></tr>\n"; echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n"; echo "</form></table>\n"; } else { $cat = mss($_POST['cat']); $title = mss($_POST['title']); $msg = mss($_POST['message']); $tags = mss($POST['tags']); if ($cat && $title && $msg && $tags) { $sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'"; $res = mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($res) == 0) { echo "This forum sub category does not exist!\n"; } else { $row = mysql_fetch_assoc($res); if ($row['admin'] == 1 && $admin_user_level != 1) { echo "You are not an admin therefore you cannot post a new topic on this forum!\n"; } else { if (strlen($title) < 3 || strlen($title) > 32) { echo "The title must be between 3 and 32 characters!\n"; } else { if (strlen($msg) < 3 || strlen($msg) > 10000) { echo "The message must be between 3 and 10,000 characters!\n"; } else { if (strlen($tags) < 2 || strlen($tags) > 200) { echo "You must submit at least 1 tag and no more than a total of 200 characters!\n"; } else { $date = date("m-d-y") . " at " . date("h:i:s"); $time = time(); $sql2 = "INSERT INTO `forum_topics` (`cid`,`title`,`uid`,`date`,`time`,`message`,`tags`) VALUES ('" . $cat . "','" . $title . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time . "','" . $msg . "','" . $tags . "')"; $res2 = mysql_query($sql2) or die(mysql_error()); $tid = mysql_insert_id(); header("Location: index.php?act=topic&id=" . $tid . ""); } } } } } } else { echo "Please supply all the fields!\n"; } } } ?> It seems to work fine until I put the tags text box in. It works fine however when I submit something it says that I havn't supplied all the fields. I have spent quite a while trying to figure this one out but I am very new to php and understand that it's probably a missing comma or something! Hi, Im trying to make a script to mass update a load of links in my database but im stuck on the basics, How can i detect a new line in a text area? Anyone know why this dosen't work? Code: [Select] <?php if($_POST[newlinks]) { $newlinks = preg_split("\n", ($_POST['newlinks'])); $i = 1; foreach ($newlinks as $newlink) { echo "$i - $newlink <br />"; $i++; } } else { echo "<form method=\"POST\" action=\"changehost.php\">"; echo "<br /> <strong>Enter the new links to try and replace old ones</strong> <br />"; echo "<textarea rows=\"16\" name=\"newlinks\" cols=\"84\"></textarea>"; echo "<input type=\"submit\" value=\"Submit\" name=\"B1\">"; ?> I want a Text Area on my form where I can enter the body of an article. It should be sticky so the input is not lost if there are form issues and the form has to be re-loaded. The problem is that when I type "mmm" into this field, after I click "Submit" my form is reloaded - because I didn't complete it - and several blank lines appear before and after the text "mmm"?! Here is my code... Code: [Select] <!-- Body --> <li> <label for="body"><span class="required">*</span>Body:</label> <textarea id="body" name="body" class="text" cols="20" rows="5" wrap="soft"> <?php if(isset($body)){echo htmlentities($body, ENT_QUOTES);} ?> </textarea> <?php if (!empty($errors['body'])){ echo '<span class="error">' . $errors['body'] . '</span>'; } ?> </li> What seems to be the problem?! Debbie Hello all. I have a textarea on a form that users are posting new's stories into. Most are just copy/pasteing from Word, and they need to be able to include single quotes. (ie: John's favorite store is Micky's) I can't figure out how to make the single quotes (') into double quotes ('') so MSSQL will insert them in. Any help? Here's my process code: <?php $title = $_POST['title']; $district = $_POST['district']; $central = $_POST['central']; $east = $_POST['east']; $north = $_POST['north']; $west = $_POST['west']; $story = $_POST['story']; $date = date("l, M j, Y"); $sqlpicturename = "$picturename.jpg"; $showpicture = $_POST['showpicture']; //declare the SQL statement that will query the database $query = " INSERT INTO News (district, central, east, north, west, date, title, story, picture, showpicture, show) Values ('$district' , '$central', '$east' , '$north', '$west' , '$date', '$title' , '$story', '$sqlpicturename' , '$showpicture' , 'true') "; //execute the SQL query and return records $result = mssql_query($query); //display the results echo "Thank You For Posting Your Story:<b> $title </b><br /><br /><a href='addstory.php'>Click Here To Add Another Story</a><br /><br /><a href='index.php'>Click Here To Go Back To The WebEdit Menu</a>"; echo "<br /><br />"; mssql_close(); ?> Hi all, please bare with me i am a newbie to this forum, i will try my best to provide all clear accurate information where possible, please find a below breakdown, i've had a little help from a user already but as am still getting problems and confused i will take his advise am post it in the right place ! 1) I have the below code and wish to ban specifc words, numbers and emails of my choice. 2) If the users enter a baned word etc either nothing will happen or it will forward them to another page. Please find attached index.php which is full working script of where i wish to add my banned words code too, also please find attached indextest.php containing the working script and code of bannng specfic words that i can't get to work. When i run indextest.php on my linux server the whole page displays perfectly but when you enter a baned or unbaned word and click submit nothing happens at all, so am very confused to where am going wrong. Any kind, helpfull guides to what i'm doing wrong would be highly appriciate as i do want to learn from my mistakes. All the best Steve Hi, I am trying to limit an user's input based on a text area size which is 180px. Is this even possible? There are ways to read how many linebreak's (\n) there are in a text area, but a long sentence will read as one linebreak. Any Ideaas? how to get text-area text into variable without using <form> i mean can i get through $_GET please provide me solution it needed badly if ((isset($_GET['insertinto'])) &&($_GET['insertinto']=="true")){ if(isset($_SESSION["ajaxtext"])) { unset($_SESSION['ajaxtext']); $mysession = "" ; //my textarea typed data should b here $_SESSION['ajaxtext'] = $mysession ; //insertrow() ; } } print <<<EOD <textarea rows='3' cols='40' id='ajaxtext' name ='ajaxtext'>$mysession</textarea><br> EOD; Hey guy, I really need your help with this. I have Input from a text area, in this format: a b c d e f g 12 34 435 124 What I need do to is to output only a certain line from every block of text, every block is divided by one or more empty lines. I have done this: $input = $_POST["input"]; $lines = explode("\r",$input); $num = count($lines); $line_to_extract = $_POST['line_to_extract']; for($i=0;$i<$num;$i++) { if($i == $line_to_extract) { echo 'Line '.$i.': '.$lines[$i].'<br />'; } } What I need to do is to detect the empty line so I can keep track of the line to extract. PLEASE HELP!!! Code: [Select] <?php $db = mysql_connect("localhost", "root") or die("Could not connect."); //username and password if(!$db) die("no db"); if(!mysql_select_db("simple",$db)) if(!mysql_select_db("regis",$db))//database name die("No database selected."); if(isset($_POST['submit'])) //if submit button push has been detected { $message=$_POST['message']; if(strlen($message)<1) { print "You did not input a message"; } else { $message=strip_tags($message); $IP=$_SERVER["REMOTE_ADDR"]; //grabs poster's IP $checkforbanned="SELECT IP from admin where IP='$IP'"; $checkforbanned2=mysql_query($checkforbanned) or die("Could not check for banned IPS"); if(mysql_num_rows($checkforbanned2)>0) //IP is in the banned list { print "You IP is banned from posting."; } else if(strlen($message)>=1) { if (isset($_POST['sub'])) { if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) { die('You did not complete all of the required fields'); } // checks if the username is in use if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; $check = mysql_query("SELECT username FROM registration WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { die('Sorry, the username '.$_POST['username'].' is already in use.'); } //this makes sure both passwords entered match if ($_POST['pass'] != $_POST['pass2']) { die('Your passwords did not match. '); } // here we encrypt the password and add slashes if needed $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } // now we insert it into the database $insert = "INSERT INTO registration (username, password) VALUES ('".$_POST['username']."', '".$_POST['pass']."')"; $add_member = mysql_query($insert); die("<meta http-equiv=\"refresh\" content=\"0; url=login.php\">"); } else { echo "<form action='login.php' method='post'> <table border='0'> <tr><td>Username:</td><td> <input type='text'name='username' maxlength='60'> </td></tr> <tr><td>Password:</td><td> <input type='password' name='pass' maxlength='10'> </td></tr> <tr><td>Confirm Password:</td><td> <input type='password' name='pass2' maxlength='10'> </td></tr> <tr><th colspan=2><input type='submit' name='sub' value='Register'></th></tr> </table> </form> "; } } /* if($_POST['username'] && $_POST['pass']) { $name = mysql_query("SELECT * FROM Persons"); $thedate = date("U"); //grab date and time of the post $insertmessage="INSERT into mesej (name,IP,postime,message) values('$name','$IP','$thedate','$message')"; mysql_query($insertmessage) or die("Could not insert message"); } */ } } print "<form action='' method='post' name='form'>"; print "Your message:<br>"; print "<textarea name='message' cols='40' rows='2'></textarea><br>"; print "<a onClick=\"addSmiley(':)')\"><img src='smile.gif'></a> "; print "<a onClick=\"addSmiley(':(')\"><img src='blush.gif'></a> "; print "<a onClick=\"addSmiley(';)')\"><img src='images/wink.gif'></a> "; print "<input type='submit' name='submit' value='submit'></form>"; print "<script language=\"Java Script\" type=\"text/javascript\">\n"; print "function addSmiley(a)\n"; print "{\n"; print "document.form.message.value += a;"; print "document.form.message.focus();\n"; print "}\n"; print "</script>\n"; print "<br><br>"; ?> Screenshots After i hit submit button with message inside it, it appear like this : My main problem is when it goes to registration phase im do not want that message text area appear so in my code which is wrong and where im need to redo sir? Hi, I want to be able to let user type in xml text and it will be parsed and uploaded to db, but it doesn't work, it just keeps redirecting me back to this form below! here is html form: Code: [Select] <html> <body> <form method='post' method='form.php'> <p> <textarea name="pastedXML" rows="10" cols="30"> Please paste your xml file here. </textarea> </p> <p> <input type="submit" value="Convert to SQL" name="textXML" /> </p> </form> </body> </html> Here is script (form.php;I just want to retrieve the contents typed in text area to store to variable...how??) Code: [Select] <?php //get the text in textarea and shred it! if(isset($_POST['textXML'])) print $_POST['pastedXML']; ?> Any help much appreciated! Hello all. I'm new here... and new to php... so please be gentle if I'm overlooking something that's blindingly obvious. I have a 'view blog entries' page and an 'edit blog entries' page. When I go to the 'edit blog entries' page, I want the form fields to display the preexisting blog content for whatever entry I'm about to edit. The code below does display the 'title' but it does not display the 'article' content. (However, the 'title' and 'article' content both show when I view the source code.) Can anyone tell me what I could be doing wrong? Thanks in advance. Code: [Select] // Retrieve the blog post's information: $q = "SELECT title, article FROM entries WHERE article_id=$article_id"; $r = @mysqli_query ($dbc, $q); if (mysqli_num_rows($r) == 1) { // Valid blog entry ID, show the form. // Get the blog entry's information: $row = mysqli_fetch_array ($r, MYSQLI_NUM); echo '<form action="edit_entry.php" method="post"> <p>Title:<br /> <input type="text" name="title" size="45" maxlength="80" value="' . $row[0] . '" /></p> <p>Blog entry<br /> <textarea name="article" id="article" cols="45" rows="5" ' . $row[1] . '></textarea> </p> <p><input type="submit" name="submit" value="Submit" /></p> <input type="hidden" name="submitted" value="TRUE" /> <input type="hidden" name="article_id" value="' . $article_id . '" /> </form>'; } else { // Not a valid entry ID. echo '<p class="error">This page has been accessed in error.</p>'; } mysqli_close($dbc); ?> |