son Posted June 29, 2011 Share Posted June 29, 2011 Is it not good coding practice to have <p>, <h1> etc within textarea? Just validated page and was a bit surprised. There is no way around this as it enters data in database to be displayed with the relevant HTML element, but I just wonder what the situation is anyway...Son Link to comment Share on other sites More sharing options...
boen_robot Posted June 29, 2011 Share Posted June 29, 2011 There IS a workaround. While you're echoing the code, use htmlspecialchars() to encode it as plain text. That is all you need to validate. Link to comment Share on other sites More sharing options...
son Posted June 29, 2011 Author Share Posted June 29, 2011 There IS a workaround. While you're echoing the code, use htmlspecialchars() to encode it as plain text. That is all you need to validate.But do I not then have the problem of inserting the data into database again? This validation issue occurred on page to update content stored in db for display on a web page...Son Link to comment Share on other sites More sharing options...
Ingolme Posted June 29, 2011 Share Posted June 29, 2011 You should only apply the function after extracting the data from the database and only when you need to. Link to comment Share on other sites More sharing options...
ShadowMage Posted June 29, 2011 Share Posted June 29, 2011 But do I not then have the problem of inserting the data into database again? This validation issue occurred on page to update content stored in db for display on a web page...If you mean submitting the form again and saving the value of the textarea to the database, no, HTML entities (such as < and >) will be submitted as whatever characters they represent. < will be submitted as '<' and > will be '>' Link to comment Share on other sites More sharing options...
son Posted June 29, 2011 Author Share Posted June 29, 2011 If you mean submitting the form again and saving the value of the textarea to the database, no, HTML entities (such as < and >) will be submitted as whatever characters they represent. < will be submitted as '<' and > will be '>'Had a test and seems to work fine... Is this the standard way of dealing with submitting/displaying web page content to be stored in database? Validates now beautyfully:-)Son Link to comment Share on other sites More sharing options...
boen_robot Posted June 29, 2011 Share Posted June 29, 2011 It's pretty much the standard way, yes. Or rather, it's what's the way according to the standards... the best way... not necessarily what people always actually do. Link to comment Share on other sites More sharing options...
son Posted June 30, 2011 Author Share Posted June 30, 2011 It's pretty much the standard way, yes. Or rather, it's what's the way according to the standards... the best way... not necessarily what people always actually do.I see what you mean. I always get a funny look when I validate all my pages as it is rather time consuming. However, I also like it for personal reasons as it helps me to get better coding practice:-)I will use now$pageContent = htmlspecialchars($pageContent, ENT_NOQUOTES);to display text in the textareas on all pages.Thanks for help with this,Son Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.