5 Replies Latest reply on Jan 31, 2007 1:28 PM by Pekka

    html parsing

    kt03 Level 1
      hi,

      I have the comment field for user to enter the comments. Sometime they enter the html code, so i am looking for someting to script out all the html from the comments but i don't know how. Is anyone has experiences on this?

      Thanks
        • 1. Re: html parsing
          Level 7
          Sometime they enter the html code, so i am looking for someting to
          script out all the html from the comments but i don't know how. Is
          anyone has experiences on this?


          A quick and easy way to render the HTML ineffective is to wrap the input
          and/or output statements with the HTMLCodeFormat() or HTMLEditFormat()
          functions. These functions escape all the angle brackets(<|>) and other
          symbols so that the HTML code is just displayed, not rendered by the
          browser.

          If you want to strip the HTML that takes a bit more effort, but I like
          using these functions as a last line of defense even when using other
          techniques.
          • 2. Re: html parsing
            kt03 Level 1
            is there any example out there that you know? or can you provide me an example?

            Thanks
            • 3. Re: html parsing
              Level 7
              is there any example out there that you know? or can you provide me an
              example?

              Thanks

              Example of what? Using those functions.

              Change something like this:
              <cfoutput>#stuffAnUserInput#<cfoutput>
              TO:
              <cfoutput>#htmlEditFormat(stuffAnUserInput)#</cfoutput>

              And|Or change something like this:

              <cfquery ...>
              INSERT INTO aTable
              {aFieldOfUserInput)
              ('#thmlEditFormat(aFormFieldWithUserInput)#)
              </cfquery><!--- Note: this could considerable lengthen the text input
              into the database. Size the field accordingly. --->

              One would want to add a corresponding change to any related UPDATE
              queries as well.
              • 4. Re: html parsing
                mvierow Level 1
                the safetext UDF can also help you out..

                http://www.cflib.org/udf.cfm?id=56
                • 5. Re: html parsing
                  Pekka Level 1
                  This regex effectively removes all html from a string.

                  <cfset string2 = REReplaceNoCase(string1,"<[^>]*>","","all") />