php - Where's my html tags going?
I'm starting to get frustrated with this form. I'm submitting HTML content to a database, to be stored, then retrieved for display on the front end. I have made sure to use htmlspecialchars(), however, the code is getting stripped down to plain text upon saving.
I've read a ton of posts with questions identical to mine, but haven't found a suitable answer.
Here's the code I'm having trouble with:
    <li>
      <label for="summary">article summary</label>
      <textarea name="summary" id="summary" placeholder="brief description of article" required maxlength="1000" style="height: 5em;"><?php echo htmlspecialchars( $results['article']->summary )?></textarea>
      <script>
        CKEDITOR.replace( 'summary', {
          filebrowserBrowseUrl: 'wysiwyg/kcfinder/browse.php?opener=ckeditor&type=files',
          filebrowserImageBrowseUrl: 'wysiwyg/kcfinder/browse.php?opener=ckeditor&type=images',
          filebrowserFlashBrowseUrl: 'wysiwyg/kcfinder/browse.php?opener=ckeditor&type=flash',
          filebrowserUploadUrl: 'wysiwyg/kcfinder/upload.php?opener=ckeditor&type=files',
          filebrowserImageUploadUrl: 'wysiwyg/kcfinder/upload.php?opener=ckeditor&type=images',
          filebrowserFlashUploadUrl: 'wysiwyg/kcfinder/upload.php?opener=ckeditor&type=flash'
        });
      </script>
    </li>
Here's an example of the input:
<p><img alt="" src="/wysiwyg/kcfinder/upload/images/plymouth.png" style="height:323px; width:549px" /></p>
Here's the output:
pimg alt"" src"wysiwygkcfinderuploadimagesplymouth.png" style"height:323px width:549px" p
It submits to the database, and it's being retrieved and displayed on the front-end, without the HTML. Also, the output is how it's being stored in the database.
What is happening here?
Edit: PHP code as requested.
    <?php

    /**
     * Class to handle articles
     */
    class Article
    {
      // Properties

      /**
       * @var int The article ID from the database
       */
      public $id = null;

      /**
       * @var int When the article is to be / was first published
       */
      public $publicationDate = null;

      /**
       * @var string Full title of the article
       */
      public $title = null;

      /**
       * @var string A short summary of the article
       */
      public $summary = null;

      /**
       * @var string The HTML content of the article
       */
      public $content = null;

      /**
       * Sets the object's properties using the values in the supplied array
       *
       * @param assoc The property values
       */
      public function __construct( $data=array() ) {
        if ( isset( $data['id'] ) ) $this->id = (int) $data['id'];
        if ( isset( $data['publicationDate'] ) ) $this->publicationDate = (int) $data['publicationDate'];
        if ( isset( $data['title'] ) ) $this->title = $data['title'];
        if ( isset( $data['summary'] ) ) $this->summary = $data['summary'];
        if ( isset( $data['content'] ) ) $this->content = $data['content'];
      }

      /**
       * Sets the object's properties using the edit form post values in the supplied array
       *
       * @param assoc The form post values
       */
      public function storeFormValues ( $params ) {

        // Store all the parameters
        $this->__construct( $params );

        // Parse and store the publication date
        if ( isset($params['publicationDate']) ) {
          $publicationDate = explode ( '-', $params['publicationDate'] );

          if ( count($publicationDate) == 3 ) {
            list ( $y, $m, $d ) = $publicationDate;
            $this->publicationDate = mktime ( 0, 0, 0, $m, $d, $y );
          }
        }
      }

      /**
       * Returns an Article object matching the given article ID
       *
       * @param int The article ID
       * @return Article|false The article object, or false if the record was not found or there was a problem
       */
      public static function getById( $id ) {
        $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
        $sql = "SELECT *, UNIX_TIMESTAMP(publicationDate) AS publicationDate FROM articles WHERE id = :id";
        $st = $conn->prepare( $sql );
        $st->bindValue( ":id", $id, PDO::PARAM_INT );
        $st->execute();
        $row = $st->fetch();
        $conn = null;
        if ( $row ) return new Article( $row );
      }

      /**
       * Returns all (or a range of) Article objects in the DB
       *
       * @param int Optional The number of rows to return (default=all)
       * @param string Optional column by which to order the articles (default="publicationDate DESC")
       * @return array|false A two-element array : results => array, a list of Article objects; totalRows => Total number of articles
       */
      public static function getList( $numRows=1000000, $order="publicationDate DESC" ) {
        $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
        // Note: mysql_escape_string() was removed in PHP 7, and escaping does not make
        // an ORDER BY clause safe; $order must only ever be a fixed value set in code.
        $sql = "SELECT SQL_CALC_FOUND_ROWS *, UNIX_TIMESTAMP(publicationDate) AS publicationDate FROM articles
                ORDER BY " . mysql_escape_string($order) . " LIMIT :numRows";

        $st = $conn->prepare( $sql );
        $st->bindValue( ":numRows", $numRows, PDO::PARAM_INT );
        $st->execute();
        $list = array();

        while ( $row = $st->fetch() ) {
          $article = new Article( $row );
          $list[] = $article;
        }

        // Now get the total number of articles that matched the criteria
        $sql = "SELECT FOUND_ROWS() AS totalRows";
        $totalRows = $conn->query( $sql )->fetch();
        $conn = null;
        return ( array ( "results" => $list, "totalRows" => $totalRows[0] ) );
      }

      /**
       * Inserts the current Article object into the database, and sets its ID property.
       */
      public function insert() {

        // Does the Article object already have an ID?
        if ( !is_null( $this->id ) ) trigger_error ( "Article::insert(): Attempt to insert an Article object that already has its ID property set (to $this->id).", E_USER_ERROR );

        // Insert the Article
        $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
        $sql = "INSERT INTO articles ( publicationDate, title, summary, content ) VALUES ( FROM_UNIXTIME(:publicationDate), :title, :summary, :content )";
        $st = $conn->prepare ( $sql );
        $st->bindValue( ":publicationDate", $this->publicationDate, PDO::PARAM_INT );
        $st->bindValue( ":title", $this->title, PDO::PARAM_STR );
        $st->bindValue( ":summary", $this->summary, PDO::PARAM_STR );
        $st->bindValue( ":content", $this->content, PDO::PARAM_STR );
        $st->execute();
        $this->id = $conn->lastInsertId();
        $conn = null;
      }

      /**
       * Updates the current Article object in the database.
       */
      public function update() {

        // Does the Article object have an ID?
        if ( is_null( $this->id ) ) trigger_error ( "Article::update(): Attempt to update an Article object that does not have its ID property set.", E_USER_ERROR );

        // Update the Article
        $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
        $sql = "UPDATE articles SET publicationDate=FROM_UNIXTIME(:publicationDate), title=:title, summary=:summary, content=:content WHERE id = :id";
        $st = $conn->prepare ( $sql );
        $st->bindValue( ":publicationDate", $this->publicationDate, PDO::PARAM_INT );
        $st->bindValue( ":title", $this->title, PDO::PARAM_STR );
        $st->bindValue( ":summary", $this->summary, PDO::PARAM_STR );
        $st->bindValue( ":content", $this->content, PDO::PARAM_STR );
        $st->bindValue( ":id", $this->id, PDO::PARAM_INT );
        $st->execute();
        $conn = null;
      }

      /**
       * Deletes the current Article object from the database.
       */
      public function delete() {

        // Does the Article object have an ID?
        if ( is_null( $this->id ) ) trigger_error ( "Article::delete(): Attempt to delete an Article object that does not have its ID property set.", E_USER_ERROR );

        // Delete the Article
        $conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
        $st = $conn->prepare ( "DELETE FROM articles WHERE id = :id LIMIT 1" );
        $st->bindValue( ":id", $this->id, PDO::PARAM_INT );
        $st->execute();
        $conn = null;
      }

    }

    ?>
OK. I figured out the problem.
In the PHP code there was a preg_replace string that stripped the HTML tags out of the submissions. Removing that code allowed me to store it the way I needed it stored.
The line

    preg_replace ( "/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "",

needed to be removed from the part that processed the form submission in order to keep the HTML tags.
When removing the line, be sure to remove the ) at the end of the string, or it will generate a PHP error: unexpected ')' on line xx
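
The filter from the answer, applied to the sample input from the question, next to an allow-list sanitizer for the editor field (an added example, not part of the original post; `legacyFilter()`, `sanitizeHtml()` and `ALLOWED` are hypothetical names and the allow-list contents are an assumption). With the filter removed, whatever markup is submitted gets stored and rendered as-is, so the rich-text field needs its own allow-list while plain-text fields are escaped on output.

```php
<?php
// Added example. legacyFilter(), sanitizeHtml() and ALLOWED are hypothetical names.
// The filter quoted in the answer: deletes every character outside the class,
// which includes < > = / ; and so destroys any markup.
function legacyFilter(string $s): string {
    return preg_replace("/[^\.\,\-\_\'\"\@\?\!\:\$ a-zA-Z0-9()]/", "", $s);
}

// Assumed allow-list for editor output: tag => attributes that may stay.
// "style" is left out on purpose, so inline sizes are dropped.
const ALLOWED = ['p' => [], 'br' => [], 'em' => [], 'strong' => [],
                 'img' => ['alt', 'src']];

function sanitizeHtml(string $html): string {
    libxml_use_internal_errors(true);            // tolerate sloppy editor markup
    $doc = new DOMDocument();
    // The XML declaration makes libxml read the input as UTF-8.
    $doc->loadHTML('<?xml encoding="utf-8"?><div>' . $html . '</div>');
    libxml_clear_errors();
    $root = $doc->getElementsByTagName('div')->item(0);   // our wrapper
    // Snapshot the live node list first; the tree changes while we walk it.
    foreach (iterator_to_array($root->getElementsByTagName('*'), false) as $el) {
        if (!isset(ALLOWED[$el->nodeName])) {
            $el->parentNode->removeChild($el);   // drop element and its children
            continue;
        }
        foreach (iterator_to_array($el->attributes, false) as $attr) {
            $ok = in_array($attr->nodeName, ALLOWED[$el->nodeName], true);
            // Images: site-relative paths only, as in the sample input.
            if ($attr->nodeName === 'src' && !preg_match('#^/[^/\\\\]#', $attr->value)) {
                $ok = false;
            }
            if (!$ok) $el->removeAttribute($attr->nodeName);
        }
    }
    $out = '';
    foreach ($root->childNodes as $child) $out .= $doc->saveHTML($child);
    return $out;
}

// Sample input from the question, plus constructed markup an editor must not let through.
$input = '<p><img alt="" src="/wysiwyg/kcfinder/upload/images/plymouth.png" '
       . 'style="height:323px; width:549px" /></p>';
$hostile = $input . '<script>alert(1)</script><p onclick="alert(1)">text</p>';
echo legacyFilter($input), "\n";    // markup reduced to the plain text seen in the question
echo sanitizeHtml($hostile), "\n";  // allow-listed tags and attributes only
// Plain-text fields such as the title are escaped on output instead:
echo htmlspecialchars('Tom & "Jerry" <b>', ENT_QUOTES, 'UTF-8'), "\n";
```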