Hi Paul,
Could you please send View HTML source of browser page where you display database HTML content? Best regards, Sasa From: talk-boun...@lists.nyphp.org [mailto:talk-boun...@lists.nyphp.org] On Behalf Of tu...@netzero.net Sent: Thursday, April 05, 2012 12:23 AM To: talk@lists.nyphp.org Subject: [nyphp-talk] PHP function to execute HTML tags >> Can you guys tell me what the PHP function that executes HTML tags when the content from the database contains HTML tags get dumped onto the webpage? >> >> What I am talking about is that when HTML tags got stored in the database, it gets treated like ordinary plain texts and when those plain texts get dumped onto the webpage, the browser treats or displays them as texts. >> >As Lester mentioned, it sounds like your html was escaped when it was stored to the >database. Another possibiliy is that you are using some type of framework (like Zend, >Symfony, Cake, etc) that is automatically escaping output. If you are using a framework, let >us know what it is. Just a guess, but how about this: >echo stripslashes($html); >http://php.net/stripslashes >or if that doesn't work >echo html_entity_decode($html); >http://php.net/html_entity_decode >Just be very careful about this html in your database. If it's being entered by a user, that's a >very common source of security exploits in php. You need to make sure to clean it in some >way. HtmlPurifier is a library that can do this for you - http://htmlpurifier.org/ Thanks to Lester and Rob for replying. I don't use any Framework or Tools--just plain PHP handwritten code. Here's what I did: 1. Take the content from the form (<textarea> user input). 2. Escape it and add it to the database: Content = mysql_real_escape_string($Content); /* Add info into the database */ $query = "INSERT INTO `Content_Table` ( Content`, `Datestamp` ) VALUES ( '$Content', '$Datestamp' )"; mysql_query($query); 3. Retrieve the content from the database and display it on the web. $query = @mysql_query("SELECT Content, DATE_FORMAT(Datestamp, '%W %M %d, %Y %r') AS FormatDatetimestamp FROM Content_Table ORDER BY Datetimestamp DESC") or mysql_error(); if (mysql_num_rows($query) > 0) { while ($row = mysql_fetch_array($query)) { $Content = $row['Content']; echo $Content; } } The content that gets stored in the database contains both plain texts and HTML tags like <a>, <table>, <tr>, etc. When those tags get displayed, the Browser doesn't treat those tags as HTML entities, but rather as ordinary plain texts. Thanks in advance. Paul ---------- Original Message ---------- From: talk-requ...@lists.nyphp.org To: talk@lists.nyphp.org Subject: talk Digest, Vol 66, Issue 3 Date: Wed, 04 Apr 2012 12:00:02 -0400 Send talk mailing list submissions to talk@lists.nyphp.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.nyphp.org/mailman/listinfo/talk or, via email, send a message with subject or body 'help' to talk-requ...@lists.nyphp.org You can reach the person managing the list at talk-ow...@lists.nyphp.org When replying, please edit your Subject line so it is more specific than "Re: Contents of talk digest..." Today's Topics: 1. PHP function to execute HTML tags (tu...@netzero.net) 2. Re: PHP function to execute HTML tags (Ron Guerin) 3. Next Meeting Poll and PHP Usage Statistics (Hans Zaunere) 4. Re: Next Meeting Poll and PHP Usage Statistics (Rolan Yang) 5. Re: Next Meeting Poll and PHP Usage Statistics (David Krings) 6. Re: PHP function to execute HTML tags (Lester Leong) 7. Re: PHP function to execute HTML tags (Rob Marscher) ---------------------------------------------------------------------- Message: 1 Date: Tue, 3 Apr 2012 21:44:24 GMT From: "tu...@netzero.net" <tu...@netzero.net> To: talk@lists.nyphp.org Subject: [nyphp-talk] PHP function to execute HTML tags Message-ID: <20120403.164424.1864...@webmail06.dca.untd.com> Content-Type: text/plain; charset="windows-1252" Hi! Can you guys tell me what the PHP function that executes HTML tags when the content from the database contains HTML tags get dumped onto the webpage? I used to know it but since I haven't used it for a long time, I can't think of its name right now. What I am talking about is that when HTML tags got stored in the database, it gets treated like ordinary plain texts and when those plain texts get dumped onto the webpage, the browser treats or displays them as texts. Thanks in advance! Paul ____________________________________________________________ 53 Year Old Mom Looks 33 The Stunning Results of Her Wrinkle Trick Has Botox Doctors Worried http://thirdpartyoffers.netzero.net/TGL3231/4f7b6f799dd92335392bst04duc -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nyphp.org/pipermail/talk/attachments/20120403/cf7273b4/attachm ent-0001.html> ------------------------------ Message: 2 Date: Tue, 03 Apr 2012 18:55:54 -0400 From: Ron Guerin <r...@vnetworx.net> To: talk@lists.nyphp.org Subject: Re: [nyphp-talk] PHP function to execute HTML tags Message-ID: <4f7b7ffa.4010...@vnetworx.net> Content-Type: text/plain; charset=windows-1252 On 04/03/2012 05:44 PM, tu...@netzero.net wrote: > Hi! > > Can you guys tell me what the PHP function that executes HTML tags when > the content from the database contains HTML tags get dumped onto the > webpage? > > I used to know it but since I haven't used it for a long time, I can't > think of its name right now. > > What I am talking about is that when HTML tags got stored in the > database, it gets treated like ordinary plain texts and when those plain > texts get dumped onto the webpage, the browser treats or displays them > as texts. I'm not entirely sure I understand the question. You can echo HTML retrieved from the database to execute HTML markup. To see the markup as text, you can echo it after running it through htmlentities(). http://us3.php.net/manual/en/function.htmlentities.php - Ron ------------------------------ Message: 3 Date: Tue, 3 Apr 2012 19:32:01 -0400 From: "Hans Zaunere" <b...@zaunere.com> To: "NYPHP Talk" <talk@lists.nyphp.org> Subject: [nyphp-talk] Next Meeting Poll and PHP Usage Statistics Message-ID: <001201cd11f1$f8da0280$ea8e0780$@zaunere.com> Content-Type: text/plain; charset="us-ascii" Hi all, First, a couple of interesting stats/surveys: http://www.tiobe.com/index.php/content/paperinfo/tpci/index.html http://venturebeat.com/2012/01/11/what-developers-will-be-doing-learning-lis tening-to-in-2012-survey-results/ Thoughts/conclusions from the two links? Some interesting correlations and trends come to mind... And now to collect some statistics of our own. NYPHP speaking super-star Anthony Ferrara will be returning in the coming months, and we have the opportunity to pick from the following topics: STUPID and SOLID code: http://nikic.github.com/2011/12/27/Dont-be-STUPID-GRASP-SOLID.html becoming a better developer: http://blog.ircmaxell.com/2011/11/becoming-better-developer.html optimization strategies in PHP starting with http://blog.ircmaxell.com/2011/08/on-optimization-in-php.html and going into strategies and techniques real-world applications of design patterns http://blog.ircmaxell.com/2012/03/handling-plugins-in-php.html PHP's internals, as a primer guide http://blog.ircmaxell.com/2012/03/phps-source-code-for-php-developers.html Please let's discuss on-list or send your +1 vote for a particular talk. --- Hans Zaunere / New York PHP ------------------------------ Message: 4 Date: Tue, 03 Apr 2012 19:42:24 -0400 From: Rolan Yang <ro...@omnistep.com> To: NYPHP Talk <talk@lists.nyphp.org> Subject: Re: [nyphp-talk] Next Meeting Poll and PHP Usage Statistics Message-ID: <4f7b8ae0.8020...@omnistep.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Logo is in the top 20??? On 4/3/2012 7:32 PM, Hans Zaunere wrote: > Hi all, > > First, a couple of interesting stats/surveys: > > http://www.tiobe.com/index.php/content/paperinfo/tpci/index.html > > http://venturebeat.com/2012/01/11/what-developers-will-be-doing-learning-lis > tening-to-in-2012-survey-results/ > > Thoughts/conclusions from the two links? Some interesting correlations and > trends come to mind... > > > And now to collect some statistics of our own. NYPHP speaking super-star > Anthony Ferrara will be returning in the coming months, and we have the > opportunity to pick from the following topics: > > STUPID and SOLID code: > http://nikic.github.com/2011/12/27/Dont-be-STUPID-GRASP-SOLID.html > > becoming a better developer: > http://blog.ircmaxell.com/2011/11/becoming-better-developer.html > > optimization strategies in PHP > starting with http://blog.ircmaxell.com/2011/08/on-optimization-in-php.html > and going into strategies and techniques > > real-world applications of design patterns > http://blog.ircmaxell.com/2012/03/handling-plugins-in-php.html > > PHP's internals, as a primer guide > http://blog.ircmaxell.com/2012/03/phps-source-code-for-php-developers.html > > Please let's discuss on-list or send your +1 vote for a particular talk. > > --- > Hans Zaunere / New York PHP > > > > _______________________________________________ > New York PHP User Group Community Talk Mailing List > http://lists.nyphp.org/mailman/listinfo/talk > > http://www.nyphp.org/show-participation > ------------------------------ Message: 5 Date: Tue, 03 Apr 2012 20:31:18 -0400 From: David Krings <ram...@gmx.net> To: NYPHP Talk <talk@lists.nyphp.org> Subject: Re: [nyphp-talk] Next Meeting Poll and PHP Usage Statistics Message-ID: <4f7b9656.8070...@gmx.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 4/3/2012 7:42 PM, Rolan Yang wrote: > Logo is in the top 20??? Yea, but I wonder how it got there. But then I also wonder what the point of 234234234234 different C dialects is. David ------------------------------ Message: 6 Date: Tue, 3 Apr 2012 21:07:17 -0400 From: Lester Leong <lester.ble...@gmail.com> To: NYPHP Talk <talk@lists.nyphp.org> Subject: Re: [nyphp-talk] PHP function to execute HTML tags Message-ID: <CAAxweOTBAY8zD04U9Czv_x1=6txoxpcvqoyy5gxwqtjgeg3...@mail.gmail.com> Content-Type: text/plain; charset="iso-8859-1" Double-check how the markup is being saved to the database. You might be inadvertently applying htmlentities or other processing to escape / remove special chars. On Tue, Apr 3, 2012 at 6:55 PM, Ron Guerin <r...@vnetworx.net> wrote: > On 04/03/2012 05:44 PM, tu...@netzero.net wrote: > > Hi! > > > > Can you guys tell me what the PHP function that executes HTML tags when > > the content from the database contains HTML tags get dumped onto the > > webpage? > > > > I used to know it but since I haven't used it for a long time, I can't > > think of its name right now. > > > > What I am talking about is that when HTML tags got stored in the > > database, it gets treated like ordinary plain texts and when those plain > > texts get dumped onto the webpage, the browser treats or displays them > > as texts. > > I'm not entirely sure I understand the question. > > You can echo HTML retrieved from the database to execute HTML markup. > > To see the markup as text, you can echo it after running it through > htmlentities(). > > http://us3.php.net/manual/en/function.htmlentities.php > > - Ron > > _______________________________________________ > New York PHP User Group Community Talk Mailing List > http://lists.nyphp.org/mailman/listinfo/talk > > http://www.nyphp.org/show-participation > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nyphp.org/pipermail/talk/attachments/20120403/901e7970/attachm ent-0001.html> ------------------------------ Message: 7 Date: Wed, 4 Apr 2012 03:10:12 -0400 From: Rob Marscher <rmarsc...@beaffinitive.com> To: NYPHP Talk <talk@lists.nyphp.org> Subject: Re: [nyphp-talk] PHP function to execute HTML tags Message-ID: <0270e513-664b-40e1-ab30-c3435f924...@beaffinitive.com> Content-Type: text/plain; charset="windows-1252" On Apr 3, 2012, at 5:44 PM, tu...@netzero.net wrote: > Can you guys tell me what the PHP function that executes HTML tags when the content from the database contains HTML tags get dumped onto the webpage? > > What I am talking about is that when HTML tags got stored in the database, it gets treated like ordinary plain texts and when those plain texts get dumped onto the webpage, the browser treats or displays them as texts. > As Lester mentioned, it sounds like your html was escaped when it was stored to the database. Another possibiliy is that you are using some type of framework (like Zend, Symfony, Cake, etc) that is automatically escaping output. If you are using a framework, let us know what it is. Just a guess, but how about this: echo stripslashes($html); http://php.net/stripslashes or if that doesn't work echo html_entity_decode($html); http://php.net/html_entity_decode Just be very careful about this html in your database. If it's being entered by a user, that's a very common source of security exploits in php. You need to make sure to clean it in some way. HtmlPurifier is a library that can do this for you - http://htmlpurifier.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nyphp.org/pipermail/talk/attachments/20120404/a2e0224b/attachm ent-0001.html> ------------------------------ _______________________________________________ talk mailing list talk@lists.nyphp.org http://lists.nyphp.org/mailman/listinfo/talk End of talk Digest, Vol 66, Issue 3 *********************************** ____________________________________________________________ <http://thirdpartyoffers.netzero.net/TGL3232/4f7cc9d6a833e55c31st06duc> 53 Year Old Mom Looks 33 The Stunning Results of Her Wrinkle Trick Has Botox Doctors Worried <http://thirdpartyoffers.netzero.net/TGL3232/4f7cc9d6a833e55c31st06duc> consumerproducts.com
_______________________________________________ New York PHP User Group Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org/show-participation
