Skip navigation
adamaas
adamaas
Currently Being Moderated

Problems saving/ displaying codes

May 16, 2012 3:24 AM

Hello,

 

I want to save html codes or any language code in my database.

 

For instance, am saving the text below in the database :

 

<!--- STRIP OUT ALL HTML --->

<cfset test = StripToHTML.stripHtml(VARIABLES.text, "all")>

<cfdump var="#test#"><br/>

 

<!--- STRIP OUT IMG, B, AND EM TAGS --->

<cfset test1 = StripToHTML.stripHtml(VARIABLES.text, "img,tag,false;b,tag,true;em,content,true")>

<cfdump var="#test1#"><br/>

 

When it has been saved in the database, it's like follows :

 

&lt;!--- STRIP OUT ALL HTML ---&gt;

&lt;cfset test = StripToHTML.stripHtml(VARIABLES.text, "all")&gt;

&lt;cfdump var="#test#"&gt;&lt;br/&gt;

 

&lt;!--- STRIP OUT IMG, B, AND EM TAGS ---&gt;

&lt;cfset test1 = StripToHTML.stripHtml(VARIABLES.text, "img,tag,false;b,tag,true;em,content,true")&gt;

&lt;cfdump var="#test1#"&gt;&lt;br/&gt;

 

And when I am displaying it on a page, it displayed as above.

 

Someone can tell me how to save the codes in the correct format in the database and how to make them display correctly ?

 

I am using MSSQL 2008 for the database.

426 Views   4 Replies   Latest reply: adamaas, May 16, 2012 10:38 PM
 
Replies
  • Dan Bracuk
    Currently Being Moderated
    1. Dan Bracuk,
    May 16, 2012 4:53 AM   in reply to adamaas
    Report

    Go to cflib.org and look for a function called safetext.  It will preserve benign tags and strip out dangerous ones.

     

    Then, store the html exactly as you receive it.  Use safetext when you display it.

     
    |
    Mark as:
  • Adam Cameron.
    Currently Being Moderated
    2. Adam Cameron.,
    May 16, 2012 5:43 AM   in reply to adamaas
    Report

    So you don't want to strip it out, you want to escape it?

     

    Would htmlEditFormat() do the trick?  Or if you're on CF10 (which, admittedly, is doubtful ;-), encodeForHtml()?

     

    --

    Adam

     
    |
    Mark as:
  • adamaas
    Currently Being Moderated
    3. adamaas,
    May 16, 2012 10:32 PM   in reply to Adam Cameron.
    Report

    htmlEditFormat() don't do the trick and am using coldfusion 9 so can't use the encodeforhtml.

     
    |
    Mark as:
  • adamaas
    Currently Being Moderated
    4. adamaas,
    May 16, 2012 10:38 PM   in reply to Dan Bracuk
    Report

    well I have used the function safetext but unfortunately its not good.

     

    I have test it with the test below :

     

    Hello V/s <b>Hello</b>

     

    and the result after using safetext qive me the result :

     

    Hello  V/s &lt;b&gt;Hello&lt;/b&gt;

     

    I have already do a rereplace function to replace the &lt; and &gt; with <> but this would appear like :

     

    Hello  V/s Hello

     

    Instead of showing the tag b , it execute the html tag.

     

    I don't know how to make any codes appear on a page.

     

    Could anyone please help me ?

     
    |
    Mark as:
Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points