Safeguarding against malformed HTML

[mambabomba]

Hi,I'm working on a website that will include views for a product catalog as well as individual products.The products' descriptions will be entered by people with no knowledge of HTML and, as the test run we did shown, they will be riddled with errors - the most common of which are missing, misplaced or redundant closing tags.I wonder if there is a way to encapsulate the unsafe HTML other than with frames?

[thescientist]

maybe you should give them sort of BBC code editor like the one used in the forums, so that way then can input text, and then just choose the formatting they want with any of the given options/button, rather than forcing them to write their own HTML tags.

[Ingolme]

PHP's DOMDocument class has a property that you can set that will attempt to fix malformed mark-up.http://es.php.net/manual/en/class.domdocum...t.props.recoverYou'll need to learn to work with the DOMDocument class first, though.

[mambabomba]

Thanks for the suggestions,I was looking for client-side HTML-only solution, but looks like there isn't one.

[Synook]

HTML can't do anything, much less actually perform input validation. It's just a markup language. You're best off trying to fix it on the server-side, when the descriptions are submitted for storage.

[jeffman]

Rather than using a plain textarea, have you looked into using a WYSIWYG editor? TinyMCE is pretty good.Another alternative is to create a display area where the user's HTML shows up formatted text, rather than as a string of HTML text.Both require a touch of JavaScript, but not much.

[mambabomba]

Thank you all for your help, seems like server-side cleanup it is.@Deirdre's DadWe are using a WYSIWYG editor, but it is rare for people to just type in the text and apply the formatting - usually they write in Word and copy from there, or copy existing HTML, or mix and match all three methods. And just to top it off add the HTML imported from clients and partners - much more of it and usually in much worse shape.@Synook Just to pick some nits, if HTML don't do nothin' then you could say the same of any other language - it is the interpreting program (or machine, or whatever) that does stuff. In HTML's case it's the browser, and as far as I know those things actually do fix the markup, or at least they try. What I was hoping for with my original question was a way to tell the browser that when it is doing the cleanup it should treat the specified portion of the document as a separate entity, fix its markup, and only then merge it with the rest of the document.

[Ingolme]

Thank you all for your help, seems like server-side cleanup it is.@Deirdre's DadWe are using a WYSIWYG editor, but it is rare for people to just type in the text and apply the formatting - usually they write in Word and copy from there, or copy existing HTML, or mix and match all three methods. And just to top it off add the HTML imported from clients and partners - much more of it and usually in much worse shape.@Synook Just to pick some nits, if HTML don't do nothin' then you could say the same of any other language - it is the interpreting program (or machine, or whatever) that does stuff. In HTML's case it's the browser, and as far as I know those things actually do fix the markup, or at least they try. What I was hoping for with my original question was a way to tell the browser that when it is doing the cleanup it should treat the specified portion of the document as a separate entity, fix its markup, and only then merge it with the rest of the document.

HTML doesn't do anything. It can't manipulate information in any way. HTML is just a language that tells the browser how to display the information.

[Synook]

The point I was trying to make is that HTML isn't a programming language, you can't perform computational tasks (such as validation) using it. Actual programming languages (at least imperative ones) describe processes that can be executed by a computer, but HTML just describes content. Sorry if I came across as facetious - I was just trying to highlight the functional difference between markup and programming languages, and the expectations you should have for both types.