Textarea and converting entities - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5) +--- Forum: Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=11) +--- Thread: Textarea and converting entities (/showthread.php?tid=986) |
Textarea and converting entities - egall8 - 02-03-2015 I have a textarea that uses TinyMCE but have tested this with just the normal textarea. When I submit the form the first time with the following line Code: <p>testing</p> it saves that to the database without a problem, but say I updated another field in the form and do not touch the page content text area it saves this. Code: <p><p>testing</p></p> The only form validation rule being applied is trim as well. PHP Code: <div class="col-md-10"> RE: Textarea and converting entities - Avenirer - 02-03-2015 I guess you can use PHP's htmlentities() function: PHP Code: <?php echo form_textarea($inputs['PAGE_CONTENT'], set_value('PAGE_CONTENT', htmlentities($row->PAGE_CONTENT))); ?> RE: Textarea and converting entities - egall8 - 02-05-2015 (02-03-2015, 02:23 PM)Avenirer Wrote: I guess you can use PHP's htmlentities() function: When i took out the set_value() function from the form_textarea(), I would get the correct values sometimes and other times they wouldn't show up. Do you know if I should be using the set_value() function at all for the form_textarea() function or would it just be easier to not use the helper for the text area and just use plain HTML and echo out the value inside of a text area html tag. Also for anyone reading this now. How should I store HTML from the WYSIWYG editor in the database. Should i be running it through any of Codeigniter's form prep/validation rules or any other PHP functions or is storing plain HTML OK. RE: Textarea and converting entities - Narf - 02-05-2015 No WYSIWIG editor is made to work specifically with CodeIgniter. That being said, you should follow their instructions without using CI-specific form functions. RE: Textarea and converting entities - paralogizing - 02-07-2015 I had this exact same problem when I wrote the CodeIgniter Form Validation Plugin for BootPress. I took me a long time to figure out what was going on, but basically form_prep() is being called twice so it is encoding the entities twice. That is why you can save it fine in a database the first time, but then it is all screwed up the second time around. CodeIgniter 2.x used to check if the value had been prepped before in a convoluted sort of way, but they removed that in CodeIgniter 3.x without any supporting documentation that I have run across. They also added stripslashes() and removed htmlspecialchars() for no apparent reason. The solution is to create a form_helper.php file in your application/helpers folder with the following: PHP Code: <?php We have a static $prepped array that ensures we don't double prep any values, and obviously I think the $is_textarea parameter is superfluous. You can have html entities in any form field, so why only escape them in textareas? This has been working perfectly for me, and I create a lot of forms. I think CodeIgniter should change this before they release 3.0 officially. Maybe I should tell them that. (Sorry, I can't get the htmlentites to display correctly, so do not copy and paste the above. Copy and paste from GitHub instead.) RE: Textarea and converting entities - Narf - 02-07-2015 Maybe you should check first if it hasn't already been changed ... your post is based on outdated code. But anyway, the thing is, set_value() should not be used with form_prep() in the first place, nor should any HTML-encoded data be saved to a database (you database doesn't know HTML) and lastly - no generic third-party tool is designed to work specifically with CI, so you shouldn't use CI helpers to integrate it. RE: Textarea and converting entities - paralogizing - 02-07-2015 You're right. Thanks for pointing that out to me Narf. It looks like form_prep() is just an alias for html_escape() which is just an alias for htmlspecialchars(), but the $double_encode is still set to TRUE by default every time it is called by the helpers, so perhaps that is the problem egall8 is experiencing? |