1 Reply Latest reply on Apr 24, 2008 1:41 PM by Newsgroup_User

    Passing HTML data, but not parsing it.

    Bullislander05
      Hi everyone,

      I'm wondering how I would do this:

      I want to have a text area where people can input HTML code, but not where the HTML code is parsed. The text area will end up being added to a table in my database.

      Pretty much, I want people to be able to put this in their text area (Pretend the quote is the text area)
      quote:


      <table>
      <tr>
      <td>
      Test
      </td>
      </tr>
      </table>


      And when they load the web page not see (again pretend the quote is the text area):

      quote:

      Test


      But rather:

      quote:


      <table>
      <tr>
      <td>
      Test
      </td>
      </tr>
      </table>


      Whenever I seem to pass HTML tags in my data, they're getting processed rather than being saved. In the project I'm creating, it's critical that users be able to put the code up in the text areas and have it saved as such.

      Does anyone know of any good ways to pass the data through a form (and ultimately through an SQL statement to change my database) and not have it evaluated in the process? I then need it to be able to be displayed later as raw text, and not evaluated HTML. Just a method to pass data in a text area would be fine. I don't need to worry about any other possible input types.

      Thanks!

      -Bullislander05
        • 1. Re: Passing HTML data, but not parsing it.
          Level 7
          Bullislander05 wrote:
          >
          > Does anyone know of any good ways to pass the data through a form (and
          > ultimately through an SQL statement to change my database) and not have it
          > evaluated in the process? I then need it to be able to be displayed later as
          > raw text, and not evaluated HTML.

          Well the first parts should be happening. Unless you are doing
          something really unusual, the form is going to pass the full,
          unprocessed data to the action template. Which would save it to a
          database again without processing it. A quick look into the data
          actually inside the database should confirm this.


          Where you would have problem is displaying it, since a browser is going
          to parse that code if it receives it straight up. The way around this
          is to escape the HTML special characters so that a browser does not
          render the code, but rather displays it in all its glory. The
          htmlEditFormat() and htmlCodeFormat() functions are for just this
          purpose. The escape all HTML special characters so that they are
          displayed rather then rendered.

          I suggest only escaping the data when displaying rather then when
          storing. Usually much more flexible that way.