rcbuchanan
asked on
input fields, html code & errors
Folks: ... one general question wrapped in several related issues: hope u can help!
(hope also 500 points if sufficient for this plethora of pain)
I'm TRYING to create a cfm page that takes the following input:
- a text input field for an article 'title' (i.e. the description of the article)
- a text input field for an article's 'text' (i.e. the body of the article)
I DON'T want ANY HTML CODE <b></b> stuff etc in the TITLE ...
BUT I DO want to allow HTML CODE in the BODY of the article.
PLUS ... I DO WANT to be able to OUTPUT the BODY of the article, showing the neat HTML.
-- does the above make sense? --
SO:
- my problem:
: I found the terrific SafeText() tag/'function' .. and I think I installed it correct ... SO THAT I can STRIP ANY html code from the text_title input form field. BECAUSE I get errors when I try to insert such variable with HTML code (and it doesn't make sense to have it in the title field anyway).
problem is: I obviously don't know how to use SafeText() because my .cfm that INSERTS the form.input_title variable is saying 'SAFETEXT is undefined'.
I used it as such:
<cfquery name="PostArticle" datasource="fred">
insert into article_table (article_title, article_text)
values ('#SafeText(form.input_art icle_text, 1)#', '#SafeText(form.input_arti cle_text)# ', )
</cfquery>
(where the ',1' strips ALL html out, ELSE defauts to JUST stripping out naughty HTML code leave all good html code intact (which I want for the body text).
WHAT am I doing WRONG!? I placed the SafeText.cfm into my 'c_tags' subfolder with other cf tags / functions etc.
THEN:
My related issue:
SO I've successfully managed (besides the SafeText problem) to INSERT an article containing lots of text with the odd <b> </b> etc .. into my table record.
WHEN I try to OUTPUT as a sexy formatted looking HTML-based article ... I get a lousy WRAPPED text field:
i.e. .. my database holds
<b>This is an example</b>
Written by Richard Buchanan, the Opinion Exchange
blah blah blah blah.
BUT when I output ... I get this:
<b>This is an example</b>Written by Richard Buchanan, the Opinion Exchange blah blah blah blah.
Which is AWFUL!
Any ideas? I feel pretty comfortable that my database table record is holding the article correctly with line breaks, html codes etc. It's just not outputting correctly.
Thanks much! Sorry for the multitudes of agony.
Richard Buchanan
the Opinion Exchange
(hope also 500 points if sufficient for this plethora of pain)
I'm TRYING to create a cfm page that takes the following input:
- a text input field for an article 'title' (i.e. the description of the article)
- a text input field for an article's 'text' (i.e. the body of the article)
I DON'T want ANY HTML CODE <b></b> stuff etc in the TITLE ...
BUT I DO want to allow HTML CODE in the BODY of the article.
PLUS ... I DO WANT to be able to OUTPUT the BODY of the article, showing the neat HTML.
-- does the above make sense? --
SO:
- my problem:
: I found the terrific SafeText() tag/'function' .. and I think I installed it correct ... SO THAT I can STRIP ANY html code from the text_title input form field. BECAUSE I get errors when I try to insert such variable with HTML code (and it doesn't make sense to have it in the title field anyway).
problem is: I obviously don't know how to use SafeText() because my .cfm that INSERTS the form.input_title variable is saying 'SAFETEXT is undefined'.
I used it as such:
<cfquery name="PostArticle" datasource="fred">
insert into article_table (article_title, article_text)
values ('#SafeText(form.input_art
</cfquery>
(where the ',1' strips ALL html out, ELSE defauts to JUST stripping out naughty HTML code leave all good html code intact (which I want for the body text).
WHAT am I doing WRONG!? I placed the SafeText.cfm into my 'c_tags' subfolder with other cf tags / functions etc.
THEN:
My related issue:
SO I've successfully managed (besides the SafeText problem) to INSERT an article containing lots of text with the odd <b> </b> etc .. into my table record.
WHEN I try to OUTPUT as a sexy formatted looking HTML-based article ... I get a lousy WRAPPED text field:
i.e. .. my database holds
<b>This is an example</b>
Written by Richard Buchanan, the Opinion Exchange
blah blah blah blah.
BUT when I output ... I get this:
<b>This is an example</b>Written by Richard Buchanan, the Opinion Exchange blah blah blah blah.
Which is AWFUL!
Any ideas? I feel pretty comfortable that my database table record is holding the article correctly with line breaks, html codes etc. It's just not outputting correctly.
Thanks much! Sorry for the multitudes of agony.
Richard Buchanan
the Opinion Exchange
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
try this, not sure if this will work but...
<cfset var=<SafeText str="#form.input_article_t ext" attribute2="1">>
i think you are calling the satfetext tag incorrectly
<cfset var=<SafeText str="#form.input_article_t
i think you are calling the satfetext tag incorrectly
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It is a lot simpler if the line breaks are stored in your DB.
Simply do one of the following when you want to output to the screen:
<pre>#fieldname#</pre>
(but this solution may not look as nice since it will be fixed width font
or
#Replace(fieldname, chr(13) & chr(10), "<BR>", "ALL")#
Simply do one of the following when you want to output to the screen:
<pre>#fieldname#</pre>
(but this solution may not look as nice since it will be fixed width font
or
#Replace(fieldname, chr(13) & chr(10), "<BR>", "ALL")#
ASKER
re the outputting ...
Yes, I'm running CFMX ...
No, the #Replace# does not work.
All is get now ... is this:
Interview with J C Watts.<BR><BR>Initial Thoughts:<BR><BR><b>BOLD </b><BR><BR>JC Watts exudes a quite intoxicating calm. True, my meeting with the man was only thirty minutes long but if you tried, quite unfairly, to give him one label; one stark quality; calm would be mine.<BR><BR>Oscar Wilde suggested, more than once I believe, that nothing is so aggravating as calmness! Id extend that quote one step further and suggest nothing is more aggravating than a calm than a forty something that has accomplished more in his life thus far than seven men could possibly hope to accomplish. And to be so calm? Is calm a product of that experiences that have molded him o
NOTE: .. I'm outputting as follows:
<cfoutput>#display_text#</
!??1?
Thanks for any clarification!
Where are you outputting to? The screen or something else?
ASKER
The screen.
And the <br> tags are showing up instead of displaying as a return?
ASKER
yes, see the pasted text above.
when I try to output using:
<cfoutput>#display_text#</ cfoutput>
I get this:
Interview with J C Watts.<BR><BR>Initial Thoughts:<BR><BR><b>BOLD </b><BR><BR>JC Watts exudes a quite intoxicating calm. True, my meeting with the man was only thirty minutes long but if you tried, quite unfairly, to give him one label; one stark quality; calm would be mine.<BR><BR>Oscar Wilde suggested, more than once I believe, that nothing is so aggravating as calmness! Id extend that quote one step further and suggest nothing is more aggravating than a calm than a forty something that has accomplished more in his life thus far than seven men could possibly hope to accomplish. And to be so calm? Is calm a product of that experiences that have molded him o
Thanks.
R
when I try to output using:
<cfoutput>#display_text#</
I get this:
Interview with J C Watts.<BR><BR>Initial Thoughts:<BR><BR><b>BOLD </b><BR><BR>JC Watts exudes a quite intoxicating calm. True, my meeting with the man was only thirty minutes long but if you tried, quite unfairly, to give him one label; one stark quality; calm would be mine.<BR><BR>Oscar Wilde suggested, more than once I believe, that nothing is so aggravating as calmness! Id extend that quote one step further and suggest nothing is more aggravating than a calm than a forty something that has accomplished more in his life thus far than seven men could possibly hope to accomplish. And to be so calm? Is calm a product of that experiences that have molded him o
Thanks.
R
ASKER
Ok. I'm a ass.
mrichmon, you've been incredibly helpful. It does work (if I save the right bloody version).
Apologies and appreciations.
MODERATOR : how do I assign points to someone AFTER I've acccepted the response already?
In other words ... I feel obliged to give points to MRICHMON.
thanks!
Richard
mrichmon, you've been incredibly helpful. It does work (if I save the right bloody version).
Apologies and appreciations.
MODERATOR : how do I assign points to someone AFTER I've acccepted the response already?
In other words ... I feel obliged to give points to MRICHMON.
thanks!
Richard
That is really strange. Obviously the replace is working since the BR tags are there instead of the normal return characters. But it is strange that the HTML sis being displayed instead of rendered since when I try the same thing it renders the br into a return. and the <b> tags into bold.
Are you sure something else in the page is not affecting this?
Are you sure something else in the page is not affecting this?
If you feel that the answer should be changed to a split so that one shows as the assisted answer then you can post to
https://www.experts-exchange.com/Community_Support/
and ask for the asnwer to be selected the way you feel is appropriate.
https://www.experts-exchange.com/Community_Support/
and ask for the asnwer to be selected the way you feel is appropriate.
I am not sure what mrichmon did to help answer the question. your question not mine.
ASKER
have done so. (asked community support to fix)
sorry ... and thanks.
sorry ... and thanks.
can you point to post that helped you
CFDevHead, If you read the initial post there were two sections - one about safetext and one about line breaks not appearing correctly. This is the portion of the question that I addressed since you had already nicely helped with the safetext.
ASKER
look, .. it was the amount of EFFORT as well as the degree of answer.
Sorry to cause anyone disrespect or anguish.
You helped me enormously with the SafeText. you pasted the code and I understood finally that I had ti embed into my page ...
BUT Richmon also helped my question re outputting the text.
His answer #Replace(fieldname, chr(13) & chr(10), "<BR>", "ALL")#
made the 'penny drop' and I realized my goof, ... and it now works.
Thanks all. if there is some kind of gentle procedure for who gets what / when ... etc ... please bring it up at the next UN Security Council meeting. I'm just trying to leverage a great bunch of smart people ... across my many many knowledge gaps.
Thanks again..
Richard
p.s I have an unlimited supply of points; so it's not for being a sacred cow with my 'booty' ... i simply don't know how to reassign or give everyone every point they feel they deserve. tell me the secret and I'll hand out points like it's Halloween and I'm the scared Grandma.
Sorry to cause anyone disrespect or anguish.
You helped me enormously with the SafeText. you pasted the code and I understood finally that I had ti embed into my page ...
BUT Richmon also helped my question re outputting the text.
His answer #Replace(fieldname, chr(13) & chr(10), "<BR>", "ALL")#
made the 'penny drop' and I realized my goof, ... and it now works.
Thanks all. if there is some kind of gentle procedure for who gets what / when ... etc ... please bring it up at the next UN Security Council meeting. I'm just trying to leverage a great bunch of smart people ... across my many many knowledge gaps.
Thanks again..
Richard
p.s I have an unlimited supply of points; so it's not for being a sacred cow with my 'booty' ... i simply don't know how to reassign or give everyone every point they feel they deserve. tell me the secret and I'll hand out points like it's Halloween and I'm the scared Grandma.
Actually the solution that I posted toke care of both sections of this question I tested it my self. Here is a working example spiraldev.com/ee/ee.cfm
The points aren't important to me - just making sure that the all portions of the answer are marked when the question gets put into the searchable knowledge base.
But if you do want to hand out points to someone who has given you extra help you can do what is called a "Points for" question. You create a new question titled "Points for XXXXX" Then person XXXX posts a message there and you accept it as the answer. Be sure that when you create the "Points for" question that you include a link to the original question that the help was for in the body.
But if you do want to hand out points to someone who has given you extra help you can do what is called a "Points for" question. You create a new question titled "Points for XXXXX" Then person XXXX posts a message there and you accept it as the answer. Be sure that when you create the "Points for" question that you include a link to the original question that the help was for in the body.
again its your question. do as you want. I was just wondering what the user did. because from what I read I couldn't see it.
enjoy
enjoy
Its been fun I am out....................... .......... .......... .
ASKER
thanks! ... have done.
ASKER
POINTS FOR MRICHMON:
https://www.experts-exchange.com/questions/20972439/POINTS-FOR-mrichmon.html
POINTS FOR CFDEVHEAD:
https://www.experts-exchange.com/questions/20972438/POINTS-FOR-CFDevHead.html
Sorry for the anguish guys.
Richard
https://www.experts-exchange.com/questions/20972439/POINTS-FOR-mrichmon.html
POINTS FOR CFDEVHEAD:
https://www.experts-exchange.com/questions/20972438/POINTS-FOR-CFDevHead.html
Sorry for the anguish guys.
Richard
kewl I got the answer and the assit
if so this is how it need to work
make you include this script somewhere on the page in which you are going to call the function else it will not work
<cfscript>
/**
* Removes potentially nasty HTML text.
* Version 2 by Lena Aleksandrova - changes include fixing a bug w/ arguments and use of REreplace where REreplaceNoCase should have been used.
*
* @param text String to be modified. (Required)
* @param strip Boolean value (defaults to false) that determines if HTML should be stripped or just escaped out. (Optional)
* @param badTags A list of bad tags. Has a long default list. Consult source. (Optional)
* @param badEvents A list of bad HTML events. Has a long default list. Consult source. (Optional)
* @return Returns a string.
* @author Nathan Dintenfass (nathan@changemedia.com)
* @version 3, March 19, 2003
*/
function safetext(text) {
//default mode is "escape"
var mode = "escape";
//the things to strip out (badTags are HTML tags to strip and badEvents are intra-tag stuff to kill)
//you can change this list to suit your needs
var badTags = "SCRIPT,OBJECT,APPLET,EMBE
var badEvents = "onClick,onDblClick,onKeyD
var stripperRE = "";
//set up variable to parse and while we're at it trim white space
var theText = trim(text);
//find the first open bracket to start parsing
var obracket = find("<",theText);
//var for badTag
var badTag = "";
//var for the next start in the parse loop
var nextStart = "";
//if there is more than one argument and the second argument is boolean TRUE, we are stripping
if(arraylen(arguments) GT 1 AND isBoolean(arguments[2]) AND arguments[2]) mode = "strip";
if(arraylen(arguments) GT 2 and len(arguments[3])) badTags = arguments[3];
if(arraylen(arguments) GT 3 and len(arguments[4])) badEvents = arguments[4];
//the regular expression used to stip tags
stripperRE = "</?(" & listChangeDelims(badTags,"
//Deal with "smart quotes" and other "special" chars from MS Word
theText = replaceList(theText,chr(82
//if escaping, run through the code bracket by bracket and escape the bad tags.
if(mode is "escape"){
//go until no more open brackets to find
while(obracket){
//find the next instance of one of the bad tags
badTag = REFindNoCase(stripperRE,th
//if a bad tag is found, escape it
if(badTag.pos[1]){
theText = replace(theText,mid(TheTex
nextStart = badTag.pos[1] + badTag.len[1];
}
//if no bad tag is found, move on
else{
nextStart = obracket + 1;
}
//find the next open bracket
obracket = find("<",theText,nextStart
}
}
//if not escaping, assume stripping
else{
theText = REReplaceNoCase(theText,st
}
//now kill the bad "events" (intra tag text)
theText = REReplaceNoCase(theText,(L
//return theText
return theText;
}
</cfscript>
Now you can call the function
<cfquery name="PostArticle" datasource="fred">
insert into article_table (article_title, article_text)
values ('#SafeText(form.input_art
</cfquery>
(where the ',1' strips ALL html out, ELSE defauts to JUST stripping out naughty HTML code leave all good html code intact (which I want for the body text).