SitePoint Sponsor |
|
User Tag List
Results 1 to 7 of 7
-
Oct 14, 2009, 16:57 #1
TinyMCE PHP not allowing users to enter certain values
Hey,
I am using TinyMCE for my backend admin section to upload existing details on specific pages of my website.
However when i enter an apostrophe:-
e.g. This isn't a test
Why does this happen and what do i need to do?
I have the following code in my <head> tag:-
PHP Code:<script language="javascript" type="text/javascript" src="tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
<script language="javascript" type="text/javascript">
tinyMCE.init({
mode : "textareas",
theme : "advanced",
plugins : "safari,spellchecker,pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template,imagemanager,filemanager",
// Theme options
theme_advanced_buttons1 : "save,newdocument,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,|,styleselect,formatselect,fontselect,fontsizeselect",
theme_advanced_buttons2 : "cut,copy,paste,pastetext,pasteword,|,search,replace,|,bullist,numlist,|,outdent,indent,blockquote,|,undo,redo,|,link,unlink,anchor,image,cleanup,help,code,|,insertdate,inserttime,preview,|,forecolor,backcolor",
theme_advanced_buttons3 : "tablecontrols,|,hr,removeformat,visualaid,|,sub,sup,|,charmap,emotions,iespell,media,advhr,|,print,|,ltr,rtl,|,fullscreen",
theme_advanced_buttons4 : "insertlayer,moveforward,movebackward,absolute,|,styleprops,spellchecker,|,cite,abbr,acronym,del,ins,attribs,|,visualchars,nonbreaking,template,blockquote,pagebreak,|,insertfile,insertimage",
theme_advanced_toolbar_location : "top",
theme_advanced_toolbar_align : "left",
theme_advanced_statusbar_location : "bottom",
theme_advanced_resizing : true,
// Example content CSS (should be your site CSS)
content_css : "css/example.css",
// Drop lists for link/image/media/template dialogs
template_external_list_url : "js/template_list.js",
external_link_list_url : "js/link_list.js",
external_image_list_url : "js/image_list.js",
media_external_list_url : "js/media_list.js"
});
//you can also used “advanced” for themes
</script>
Regards
-
Oct 14, 2009, 17:08 #2
- Join Date
- Aug 2000
- Location
- Philadephia, PA
- Posts
- 20,578
- Mentioned
- 1 Post(s)
- Tagged
- 0 Thread(s)
The problem is not your HTML or JavaScript but your PHP code processing the form
You are likely not escaping the string before inserting it into your query
Use mysql_real_escape_stringTry Improvely, your online marketing dashboard.
→ Conversion tracking, click fraud detection, A/B testing and more
-
Oct 14, 2009, 17:21 #3
Hey,
I have changed the way i insert like this, but still no luck:--
PHP Code:$title = $_POST['txt_title'];
$details = $_POST['txt_details'];
$date = $_POST['txt_date'];
$info = $_POST['txt_info'];
$day = $_POST['txt_day'];
mysql_real_escape_string($title);
mysql_real_escape_string($details);
mysql_real_escape_string($date);
mysql_real_escape_string($info);
mysql_real_escape_string($day);
$insert = "INSERT INTO bills (bill_title, bill_info, bill_date, other_info, bill_day, active, archive, date_added) VALUES
(
$title,
$details,
$date,
$info,
$day,
'1', 'NO', now()
)";
$add_member = mysql_query($insert);
-
Oct 14, 2009, 17:35 #4
- Join Date
- Aug 2000
- Location
- Philadephia, PA
- Posts
- 20,578
- Mentioned
- 1 Post(s)
- Tagged
- 0 Thread(s)
mysql_real_escape_string returns a string, it does not modify a string, so you haven't changed anything
PHP Code:$details = mysql_real_escape_string($details);
PHP Code:$insert = "INSERT INTO bills (bill_title, bill_info, bill_date, other_info, bill_day, active, archive, date_added) VALUES
(
'$title',
'$details',
'$date',
'$info,
'$day',
'1', 'NO', now()
)";
Try Improvely, your online marketing dashboard.
→ Conversion tracking, click fraud detection, A/B testing and more
-
Oct 14, 2009, 17:42 #5
Thanks!
It works now
Regards
-
Oct 14, 2009, 18:02 #6
Hey,
One final thing whilst we are talking about tinyMCE, i have realised that everything is within <p> tags when using the plugin.
So in my database all my fields will have <p> tags around them. This is mucking up my styles and i cant seem to fix is accordingly.
If you take a look at this page:-
http://www.listentotheconstituents.com/manage_bills.php
Take a look at the "This weeks bills" section at the top. The bottom link has been created using tinyMCE but as you can see it spoils the styles. What do i need to do in order for this to match the links directly above it?
Regards
-
Oct 14, 2009, 18:50 #7
- Join Date
- Aug 2000
- Location
- Philadephia, PA
- Posts
- 20,578
- Mentioned
- 1 Post(s)
- Tagged
- 0 Thread(s)
You can either remove the <p> tags before storing the text in the database, you can remove the <p> tags after retrieving the stored text from the database, or you can edit your stylesheet so <p> tags look the way you want them.
http://php.net/manual/en/function.str-replace.php
http://us2.php.net/manual/en/function.preg-replace.phpTry Improvely, your online marketing dashboard.
→ Conversion tracking, click fraud detection, A/B testing and more
Bookmarks