SitePoint Sponsor

User Tag List

Results 1 to 12 of 12
  1. #1
    38911 Basic Bytes Free johnuk's Avatar
    Join Date
    Jul 2008
    Location
    Somerset, England
    Posts
    459
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Prepare text area string for AJAX?

    Hey all,

    I am just putting the finishing touches to a comment system. It uses Asynchronous HTML over HTTP to send a comment (GET request) entered into a text area.

    My question is, should be escapeing / encodeing this string before it is sent? I am concerned a user might enter some characters that might break the query string, and therefor not be able to submit their comment (I hope that makes sense).

  2. #2
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,198
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    encodeURIComponent would be a good method to use when dealing with query strings in the URI

  3. #3
    38911 Basic Bytes Free johnuk's Avatar
    Join Date
    Jul 2008
    Location
    Somerset, England
    Posts
    459
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hello SgtLegend,

    Ah yes thats the one I had in mind - I used it last year and couldnt remember the name.

    Just one other question for you. On facebook when you enter say a comment into your status or wherever, it remembers formatting such as horizontal space between paragraphs, and I was wondering how do they acehive this?

    In the past when ive written comment systems it just ends up as one big string !

  4. #4
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,198
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    All you need to do is write a simple replace string that replaces

    \t = tab
    \n = new line
    \r = return
    ' ' = space

    Replacements
    \t =      - Usually its 4 indents for a tab
    \n = <br />
    \r = <br />
    ' ' = &nbsp;

  5. #5
    38911 Basic Bytes Free johnuk's Avatar
    Join Date
    Jul 2008
    Location
    Somerset, England
    Posts
    459
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by SgtLegend View Post
    All you need to do is write a simple replace string that replaces

    \t = tab
    \n = new line
    \r = return
    ' ' = space

    Replacements
    \t = &nbsp;&nbsp;&nbsp;&nbsp; - Usually its 4 indents for a tab
    \n = <br />
    \r = <br />
    ' ' = &nbsp;
    Could you give me an example of how to do that possibly?

  6. #6
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,198
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    How do you plan on parsing it? Server side or using javascript

  7. #7
    38911 Basic Bytes Free johnuk's Avatar
    Join Date
    Jul 2008
    Location
    Somerset, England
    Posts
    459
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by SgtLegend View Post
    How do you plan on parsing it? Server side or using javascript
    It is sent straight to my PHP script, run through :-

    PHP Code:
    $strComment mysql_real_escape_string(trim ($_GET['strComment'])); 
    then put into the DB, later down the page extracted and echo'd to the document.

  8. #8
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,198
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Give this a try

    PHP Code:
    $strComment mysql_real_escape_string(trim($_GET['strComment']));
    $strComment str_replace('\t''&nbsp;&nbsp;&nbsp;&nbsp;'$strComment);
    $strComment str_replace(array('\n','\r'), '<br />'$strComment);
    $strComment str_replace(' ''&nbsp;'$strComment); 

  9. #9
    38911 Basic Bytes Free johnuk's Avatar
    Join Date
    Jul 2008
    Location
    Somerset, England
    Posts
    459
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That looks great! Im getting an error thought:-


    Parse error: syntax error, unexpected T_VARIABLE, expecting ')' in /home/mattacuk/public_html/fishspots.net/devshed/Warrington/Comment/comment_Rpc.php on line 46

  10. #10
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,198
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    My mistake, i updated the code above

  11. #11
    38911 Basic Bytes Free johnuk's Avatar
    Join Date
    Jul 2008
    Location
    Somerset, England
    Posts
    459
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by SgtLegend View Post
    My mistake, i updated the code above
    Hmmm, its coming out like this "This is the first parapgraph.This is the first parapgraph."

  12. #12
    38911 Basic Bytes Free johnuk's Avatar
    Join Date
    Jul 2008
    Location
    Somerset, England
    Posts
    459
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This seems to work though:-

    PHP Code:
    $strComment  str_replace(array("\n""\r""\t"), array("<br />""<br />""&nbsp;&nbsp;&nbsp;&nbsp;"), $_GET['strComment']);
            
    $strFComment  mysql_real_escape_string(trim ($strComment)); 


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •