Have you done some testing with NOT converting the HTML within the textarea with htmlspecialchars() -- does it work for all cases where a </textarea> does not exist?

If so, then consider NOT doing it, and instead solving the problem of a </textarea> within the textarea. Possible solutions may include:

1. not allowing such tags

2. just converting the problem tag to entities, rather than the whole string with
str_replace('</textarea>','&lt;/textarea&gt;',$string);
then converting it back with
str_replace('&lt;/textarea&gt;','</textarea>',$string);


This way, all other tags, entities and whatever are preserved.


Just a suggestion -- it's 2am here, so I'm sure there are other ways!



Justin





On Saturday, August 9, 2003, at 01:13 AM, Thaddeus J. Quintin wrote:


Hello-
I'm working on a site where users have the option to type HTML code into a textarea, or upload HTML code from a local file which is then displayed in the text area.


The obvious problem is that an uploaded file that contains a closing tag for a textarea can wreak havoc and eat up the rest of the page. So, in order to get it to display properly, I called htmlspecialchars() on the string and that works fine.

After any editing has been done, I can convert the text back using html_entity_decode(). This seems to be a decent solution to the problem.

However, if the user has included HTML entities in their code, won't these get converted when I call the decode function? Even something simple like using a '<' symbol for a little arrow. This would need to remain a '&lt;' and not get converted when html_entity_decode() is called.

Anybody dealt with something along these lines before or have some idea of a good solution?

Thanks-
Thaddeus


-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
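
The edit round trip discussed in this thread, as an added example that is not code from either poster. `textarea_field()`, `simulate_browser_post()` and `report()` are hypothetical helpers, the sample string is constructed, and the browser stand-in assumes the browser ends the textarea at the first closing tag in any letter case and decodes character references before submitting the value.

```php
<?php
declare(strict_types=1);

// Constructed sample: user HTML with a mixed-case closing tag and an
// entity (&lt;) that must survive the edit round trip unchanged.
$stored = "<p>1 &lt; 2</p>\n</TextArea><b>rest of page</b>";

// Hypothetical helper: escape exactly once, at output time.
function textarea_field(string $name, string $value, bool $escape = true): string
{
    $body = $escape ? htmlspecialchars($value, ENT_QUOTES, 'UTF-8') : $value;
    return '<textarea name="' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8')
        . '">' . $body . '</textarea>';
}

// Hypothetical offline stand-in for the browser (an assumption of this demo):
// the textarea ends at the first closing tag in any letter case, and character
// references in its content are decoded before the value is submitted.
function simulate_browser_post(string $field): string
{
    if (!preg_match('~<textarea[^>]*>(.*?)</textarea>~is', $field, $m)) {
        return '';
    }
    return html_entity_decode($m[1], ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function report(string $label, string $posted, string $stored): void
{
    echo $label, ': ', $posted === $stored ? 'intact' : 'CHANGED', ' ',
        var_export($posted, true), "\n";
}

// 1. htmlspecialchars() on output; the posted value is used as-is.
$posted = simulate_browser_post(textarea_field('html', $stored));
report('escaped, no decode', $posted, $stored);

// 2. Same, plus html_entity_decode() on the posted value: this decodes a
//    second time, so the author's own &lt; is rewritten.
$decoded = html_entity_decode($posted, ENT_QUOTES | ENT_HTML5, 'UTF-8');
report('escaped, then decoded', $decoded, $stored);

// 3. Case-sensitive replacement of the one tag, with no other escaping.
$partial = str_replace('</textarea>', '&lt;/textarea&gt;', $stored);
$posted3 = simulate_browser_post(textarea_field('html', $partial, false));
report('tag-only replace', $posted3, $stored);
```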
