Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

0

[code] with htmlspecialchars

Started by BigDog, Mar 18 2007 10:14 PM

You cannot reply to this topic
Go to first unread post

1 reply to this topic

#1 BigDog

Young Padawan

Members
277 posts

Gender:Male
Location:Orange County, California
Interests:Running, building computers, PC games and BMX and programming.

Posted 18 March 2007 - 10:14 PM

Well, i have a forum system going and added bbcode to it. It all works fine and dandy but when using the

, it should use htmlspecialchars to take out the html in the [code]ed area.

I've tried this
[code]		'#\[code\](.*?)\[/code\]#si' => 'Code: <div style="padding: 10px;border:1px dashed; border-color:#FF0000;">'.htmlspecialchars(\\1).'</div>',

but that only gives me an error. My original code is:

		'#\[code\](.*?)\[/code\]#si' => 'Code: <div style="padding: 10px;border:1px dashed; border-color:#FF0000;">\\1</div>',

Basicly i need that to not sure the html part. Just to show <a href="#">Test</a> when someone trys to make a link in the [code] tag.

Back to top

#2 rc69

PHP Master PD

P2L Staff
3,827 posts

Gender:Male
Location:Here
Interests:Web Development

Posted 19 March 2007 - 12:18 AM

'#\[code\](.*?)\[/code\]#si' => 'Code: <div style="padding: 10px;border:1px dashed; border-color:#FF0000;">'.htmlspecialchars(\\1).'</div>'

htmlspecialchars() is a php function. preg_replace() (what i assume you're using), is also a php function.
These are the signatures for both:

mixed preg_replace ( mixed $pattern, mixed $replacement, mixed $subject [, int $limit [, int &$count]] )
string htmlspecialchars ( string $string [, int $quote_style [, string $charset]] )

Signatures work like this:

return_type function_name ( param_type $variable_name [, optional_param $optional_param] )

What that basically means is, when you are defining the array that contains your bbcode find/replace data, you are defining an array that contains a bunch of regex strings. The strings are then passed to preg_replace() in a certain order so they match and replace the right stuff.
Since php is evaluated one line at a time, when you define the code element of the array, htmlspecialchars() is called with the undefined constant \\1 being passed to a paramater that technically only accepts strings and and arrays. A string is then returned, and the return string is then concatenated into the whole string stored in the array (confusing huh).

So, now that the long boring stuff is out of the way, here's the solution:
http://www.pixel2life.com/forums/index.php...st&p=155294

Back to top

Back to Programming and General Web Design · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users