09-29-2008, 07:37 PM
[eluser]dmorin[/eluser]
Not sure if I'm just being dense or what but I'm not seeing an easy solution to this (I have a feeling I"m just being dense)...
I store all user input in the database escaped using xss_clean and htmlentites. Then, when I echo out certain fields, I use the parse_smileys function to generate the image tags. The problem occurs when someone uses an htmlentity character directly before a closed parenthesis such as
It doesn't appear that these forums are affected by this, so can someone help me out? If I parse_smileys before converting to entities, it'll screw up the image tags and if I wait until after, I get smileys in the wrong places.
Thanks in advance!
Not sure if I'm just being dense or what but I'm not seeing an easy solution to this (I have a feeling I"m just being dense)...
I store all user input in the database escaped using xss_clean and htmlentites. Then, when I echo out certain fields, I use the parse_smileys function to generate the image tags. The problem occurs when someone uses an htmlentity character directly before a closed parenthesis such as
Quote:("TEST")which I then translate to
Quote:("TEST&quotwhich the parse_smileys function then interprets the last two characters to be a wink.
It doesn't appear that these forums are affected by this, so can someone help me out? If I parse_smileys before converting to entities, it'll screw up the image tags and if I wait until after, I get smileys in the wrong places.
Thanks in advance!