Advanced Search

Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Something like BBCODE

  1. #1
    Join Date
    Mar 2011
    Location
    N 11░ 19' 0.0012 E 142░ 15' 0
    Posts
    1,508
    Thanks
    41
    Thanked 89 Times in 88 Posts
    Blog Entries
    3

    Default Something like BBCODE

    Hi everyone,
    Lets say I've got an input for comments that are then displayed on my site.

    A: How do I stop people from entering html into the box (escaping it)

    B: I'd still like there to be limited html (colours and such) so how could I make something like bbcode [red] [/red] or something like that, that would then be changed to html tags???


    Thanks, Keyboard1333

  2. #2
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,622
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    A: strip_tags()

    B: anything wrong with using BBCode?
    We Only Torture the Folks We Don't Like (You're Probably Gonna Be Okay)
    It's a Party in the CIA

  3. #3
    Join Date
    Mar 2011
    Location
    N 11░ 19' 0.0012 E 142░ 15' 0
    Posts
    1,508
    Thanks
    41
    Thanked 89 Times in 88 Posts
    Blog Entries
    3

    Default

    Thanks traq,
    I didn't realise that bbcode was actually a part of php *FACEPALM*.
    I looked at the link you gave me but I found it very hard to understand how to install bbcode. I googled how to install it but I couldn't understand it. Any help on how to install it?

  4. #4
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,154
    Thanks
    260
    Thanked 690 Times in 678 Posts

    Default

    Difficulty in installing it and having it extra-customizable would be a reason to write your own. (I've done that a few times. It's slow, but works out in the end.) If you do want to write your own, you can use regex, or a complicated set of string functions.
    I'm not sure, and it might depend on your server. If you want to customize a server, it might be good to look into one that is easiest to manage-- sometimes you don't have permission or direct access on cheaper servers. You may also be able to look into your host's support documents.
    But in the end, it could be any number of problems (perhaps specific to the server, or about this extension). Not my area of expertise, but if you figure out a bit more info someone else might know. You could also see if another extension installs well, to see if it's specific to this. And there MUST be a good tutorial out there for some extension, so maybe you can apply it to this one.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  5. #5
    Join Date
    Mar 2011
    Location
    N 11░ 19' 0.0012 E 142░ 15' 0
    Posts
    1,508
    Thanks
    41
    Thanked 89 Times in 88 Posts
    Blog Entries
    3

    Default

    Hmmm, thanks for the replies guys (ha that rhymes). I think I'll have a go at making my own.

    Is there any reason you couldn't do this

    PHP Code:
    $red str_replace("[red]""<span style='color:red;'>""INPUT HERE"); 
    then repeat it for each tag (not going to have that many), or is there a simpler way I'm missing???

  6. #6
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,154
    Thanks
    260
    Thanked 690 Times in 678 Posts

    Default

    Be very careful doing it that way. You need to add some sort of counter to be sure that the HTML is properly balanced. If you don't allow any dangerous HTML tags (like <script>) then the worst that will happen is that your page will be broken, but that's not good either. It might just be invalid HTML, but it could also severely modify the rest of the page, if, for example, there is an unclosed <div> tag.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  7. #7
    Join Date
    Mar 2011
    Location
    N 11░ 19' 0.0012 E 142░ 15' 0
    Posts
    1,508
    Thanks
    41
    Thanked 89 Times in 88 Posts
    Blog Entries
    3

    Default

    Thanks for the tip, I'll fiddle with it later...

  8. #8
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,622
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    BBCode might be available to you already - check your phpinfo().

    As Daniel says, if you're only dealing with a few tags, then find->replacing them manually would be fine.
    If you want to do anything more complex (or risky, like <div>s or <a>s), I'd suggest figuring out the BBCode extension.
    We Only Torture the Folks We Don't Like (You're Probably Gonna Be Okay)
    It's a Party in the CIA

  9. #9
    Join Date
    Mar 2011
    Location
    N 11░ 19' 0.0012 E 142░ 15' 0
    Posts
    1,508
    Thanks
    41
    Thanked 89 Times in 88 Posts
    Blog Entries
    3

    Default

    Quote Originally Posted by traq View Post
    If you want to do anything more complex (or risky, like <div>s or <a>s), I'd suggest figuring out the BBCode extension.
    Why do you say divs and/or <a>s are dangerous?

  10. #10
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,622
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    <div>: because they will ruin your page layout very quickly if they're not properly nested.

    <a>: same reason, plus different browsers "fix" unclosed <a>s differently: in some cases, the whole rest of the page will be a hyperlink.

    another thing to consider if if you accept attribute values. Make sure they're properly validated, or you might end up with injected javascript (XSS attacks).
    We Only Torture the Folks We Don't Like (You're Probably Gonna Be Okay)
    It's a Party in the CIA

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •