Results 1 to 5 of 5
  1. #1
    Join Date
    Aug 2004
    Posts
    82

    Unanswered: BBCode -- Restrict HTML

    Ok I am currently using a BBCode script which looks like:

    PHP Code:
    $pattern[] = '/\[size\=(.*?)\](.*?)\[\/size\]/i';
    $replace[] = '<font size="$1">$2</font>';
    $html preg_replace($pattern$replace$row[post]); 
    This script basically replaces $pattern with $replace i.e. Replaces the BBCode with the HTML so it will be shown formatted correctly.

    Is there are way to restrict the use of HTML. I.e. if a user typed <font color="red">TEXT</font> it would echo as <font color="red">TEXT</font> rather than TEXT.


    I have tried replacing < with &lt; and > with $gt; which means < and > in a normal sentace will echo fine but HTML will not work, this will echo fine if it is the last post sent but once another post has been sent is it shown unformatted. Is there another way to do this?

    Obviously, I don't want to write out EVERY piece of HTML
    Thanks,
    Last edited by jwman; 01-28-06 at 20:20.

  2. #2
    Join Date
    Jan 2004
    Posts
    12
    I have tried replacing < with &lt; and > with $gt; which means < and > in a normal sentace will echo fine but HTML will not work, this will echo fine if it is the last post sent but once another post has been sent is it shown unformatted. Is there another way to do this?
    Do you mean your HTML that you're replacing the BBCode with doesn't work? Just replace < and > before you run the bbcode.

  3. #3
    Join Date
    Aug 2004
    Posts
    82
    I didn't realise how poorly explained I was, I will try again.

    It is basically a forum all the posts are in my MySQL database and when the forum is read the posts (which are formatted in BBCODE) are taken for the database and then need to be "converted" into HTML so that the page is displayed.

    So I used:
    PHP Code:
    $pattern[] = '/\[size\=(.*?)\](.*?)\[\/size\]/i';
    $replace[] = '<font size="$1">$2</font>';
    $html preg_replace($pattern$replace$row[post]); 
    When you first post the BBCode works fine and due to me replacing < with &lt; all HTML (if the user has tried to use it) doesn't work. The problem is when another user posts in the same topic the BBCODE is converted into HTML but just echoed plainly. For example:


    +-------------------------------------------------------------------+
    |____________________FIRST POST_____________________________|
    |
    |[COLOUR="Red"]IN BBCODE[/COLOUR] (this is converted and echoed as IN BBCODE)
    |_________________________________________________ __________

    ------------------------------------------------------------------------
    THE ABOVE IS WHEN THE SINGLE FIRST POST HAS BEEN POSTED
    BELOW IS WHEN ANOTHER POST HAS BEEN POSTED
    ------------------------------------------------------------------------

    +-------------------------------------------------------------------+
    |____________________FIRST POST_____________________________|
    |
    |<a href= "red">IN BBCODE</font>
    |
    |_________________________________________________ __________

    +-------------------------------------------------------------------+
    |____________________SECOND POST___________________________|
    |
    |SECOND POST SECOND POST SECOND POST (This can be formatted fine in BBCODE until another post has been posted then the same happens here as did above)
    |
    |_________________________________________________ __________

  4. #4
    Join Date
    Apr 2005
    Location
    Baltimore, MD
    Posts
    297
    PHP Code:
    $html preg_replace($pattern$replace$row[post]); 
    Are you calling this on each post? Also, shouldn't $row[post] be more like $row[$post] ?

  5. #5
    Join Date
    Aug 2004
    Posts
    82
    Ok, I have discovered that the method I have been using is crapy basically and I implemented a new method of achieving the same thing which will change < and > successfully to &lt; and &gt;. Just for those who need it the code method is:

    PHP Code:
    $pattern = array(
    '/\[b\](.*?)\[\/b\]/is',                                
    '/\[i\](.*?)\[\/i\]/is',     
    etc);


    $replace = array(
    '<strong>$1</strong>',
    '<em>$1</em>',
    etc);

    $post preg_replace($pattern$replace$row[row1]); 
    This works perfectly! Thank you for all those who helped!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •