rcbuchanan


input fields, html code & errors

Folks: ... one general question wrapped in several related issues: hope u can help!
(hope also 500 points is sufficient for this plethora of pain)

I'm TRYING to create a cfm page that takes the following input:
- a text input field for an article 'title' (i.e. the description of the article)
- a text input field for an article's 'text' (i.e. the body of the article)

I DON'T want ANY HTML CODE <b></b> stuff etc in the TITLE ...
BUT I DO want to allow HTML CODE in the BODY of the article.

PLUS ... I DO WANT to be able to OUTPUT the BODY of the article, showing the neat HTML.

-- does the above make sense? --

SO:

- my problem:
: I found the terrific SafeText() tag/'function' .. and I think I installed it correctly ... SO THAT I can STRIP ANY html code from the text_title input form field. BECAUSE I get errors when I try to insert such a variable with HTML code (and it doesn't make sense to have it in the title field anyway).

problem is: I obviously don't know how to use SafeText() because my .cfm that INSERTS the form.input_title variable is saying 'SAFETEXT is undefined'.

I used it as such:
<cfquery name="PostArticle" datasource="fred">
insert into article_table (article_title, article_text)
values ('#SafeText(form.input_article_text, 1)#', '#SafeText(form.input_article_text)#')
</cfquery>
(where the ',1' strips ALL html out, ELSE defaults to JUST stripping out naughty HTML code, leaving all good html code intact (which I want for the body text)).

WHAT am I doing WRONG!? I placed the SafeText.cfm into my 'c_tags' subfolder with other cf tags / functions etc.



THEN:
My related issue:

SO I've successfully managed (besides the SafeText problem) to INSERT an article containing lots of text with the odd <b> </b> etc .. into my table record.

WHEN I try to OUTPUT as a sexy formatted looking HTML-based article ... I get a lousy WRAPPED text field:

i.e. .. my database holds

<b>This is an example</b>

Written by Richard Buchanan, the Opinion Exchange

blah blah blah blah.


BUT when I output ... I get this:

<b>This is an example</b>Written by Richard Buchanan, the Opinion Exchange blah blah blah blah.



Which is AWFUL!
Any ideas? I feel pretty comfortable that my database table record is holding the article correctly with line breaks, html codes etc.  It's just not outputting correctly.

Thanks much! Sorry for the multitudes of agony.

Richard Buchanan
the Opinion Exchange
CFDevHead

My guess is you got it from cflib.org?

If so, this is how it needs to work.

Make sure you include this script somewhere on the page in which you are going to call the function, else it will not work.
<cfscript>
/**
 * Removes potentially nasty HTML text.
 * Version 2 by Lena Aleksandrova - changes include fixing a bug w/ arguments and use of REreplace where REreplaceNoCase should have been used.
 *
 * @param text        String to be modified. (Required)
 * @param strip        Boolean value (defaults to false) that determines if HTML should be stripped or just escaped out. (Optional)
 * @param badTags        A list of bad tags. Has a long default list. Consult source. (Optional)
 * @param badEvents        A list of bad HTML events. Has a long default list. Consult source. (Optional)
 * @return Returns a string.
 * @author Nathan Dintenfass (nathan@changemedia.com)
 * @version 3, March 19, 2003
 */
function safetext(text) {
      //default mode is "escape"
      var mode = "escape";
      //the things to strip out (badTags are HTML tags to strip and badEvents are intra-tag stuff to kill)
      //you can change this list to suit your needs
      var badTags = "SCRIPT,OBJECT,APPLET,EMBED,FORM,LAYER,ILAYER,FRAME,IFRAME,FRAMESET,PARAM,META";
      var badEvents = "onClick,onDblClick,onKeyDown,onKeyPress,onKeyUp,onMouseDown,onMouseOut,onMouseUp,onMouseOver,onBlur,onChange,onFocus,onSelect,javascript:";
      var stripperRE = "";
      
      //set up variable to parse and while we're at it trim white space
      var theText = trim(text);
      //find the first open bracket to start parsing
      var obracket = find("<",theText);            
      //var for badTag
      var badTag = "";
      //var for the next start in the parse loop
      var nextStart = "";
      //if there is more than one argument and the second argument is boolean TRUE, we are stripping
      if(arraylen(arguments) GT 1 AND isBoolean(arguments[2]) AND arguments[2]) mode = "strip";
      if(arraylen(arguments) GT 2 and len(arguments[3])) badTags = arguments[3];
      if(arraylen(arguments) GT 3 and len(arguments[4])) badEvents = arguments[4];
      //the regular expression used to strip tags
      stripperRE = "</?(" & listChangeDelims(badTags,"|") & ")[^>]*>";      
      //Deal with "smart quotes" and other "special" chars from MS Word
      theText = replaceList(theText,chr(8216) & "," & chr(8217) & "," & chr(8220) & "," & chr(8221) & "," & chr(8212) & "," & chr(8213) & "," & chr(8230),"',',"","",--,--,...");
      //if escaping, run through the code bracket by bracket and escape the bad tags.
      if(mode is "escape"){
            //go until no more open brackets to find
            while(obracket){
                  //find the next instance of one of the bad tags
                  badTag = REFindNoCase(stripperRE,theText,obracket,1);
                  //if a bad tag is found, escape it
                  if(badTag.pos[1]){
                        theText = replace(theText,mid(TheText,badtag.pos[1],badtag.len[1]),HTMLEditFormat(mid(TheText,badtag.pos[1],badtag.len[1])),"ALL");
                        nextStart = badTag.pos[1] + badTag.len[1];
                  }
                  //if no bad tag is found, move on
                  else{
                        nextStart = obracket + 1;
                  }
                  //find the next open bracket
                  obracket = find("<",theText,nextStart);
            }
      }
      //if not escaping, assume stripping
      else{
            theText = REReplaceNoCase(theText,stripperRE,"","ALL");
      }
      //now kill the bad "events" (intra tag text)
      theText = REReplaceNoCase(theText,(ListChangeDelims(badEvents,"|")),"","ALL");
      //return theText
      return theText;
}
</cfscript>


Now you can call the function

<cfquery name="PostArticle" datasource="fred">
insert into article_table (article_title, article_text)
values ('#SafeText(form.input_article_text, 1)#', '#SafeText(form.input_article_text)#')
</cfquery>
(where the ',1' strips ALL html out, ELSE defaults to JUST stripping out naughty HTML code, leaving all good html code intact (which I want for the body text)).
James Rodgers
try this, not sure if this will work but...

<cfset var=<SafeText str="#form.input_article_text" attribute2="1">>

I think you are calling the safetext tag incorrectly
It is a lot simpler if the line breaks are stored in your DB.

Simply do one of the following when you want to output to the screen:

<pre>#fieldname#</pre>
(but this solution may not look as nice since it will be a fixed-width font)

or

#Replace(fieldname, chr(13) & chr(10), "<BR>", "ALL")#
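
Added example, not part of any poster's reply: the insert and the display step from the two answers above, combined into one page. It assumes the safetext() UDF posted above is defined on the page and that the form fields are named input_title and input_article_text (names taken from the question's prose, not confirmed by the thread); the GetArticles query name is hypothetical.

```cfml
<!--- Added example, not from the thread. Assumes safetext() from the post above
      is defined on this page and that the form fields are named input_title
      and input_article_text (assumed names). --->
<cfparam name="form.input_title" default="">
<cfparam name="form.input_article_text" default="">

<!--- Title is plain text: remove every tag. safetext(text, 1) only removes the
      tags on its badTags list, so a tag such as <b> would survive it. --->
<cfset cleanTitle = trim(REReplace(form.input_title, "<[^>]*>", "", "ALL"))>

<!--- Body keeps its formatting tags; safetext() in its default mode escapes the
      tags on its badTags list and deletes the strings on its badEvents list. --->
<cfset cleanBody = safetext(form.input_article_text)>

<!--- Bind both values as parameters instead of building them into the SQL text,
      so quotes in an article cannot break or alter the statement. --->
<cfquery name="PostArticle" datasource="fred">
    INSERT INTO article_table (article_title, article_text)
    VALUES (
        <cfqueryparam value="#cleanTitle#" cfsqltype="cf_sql_varchar">,
        <cfqueryparam value="#cleanBody#" cfsqltype="cf_sql_longvarchar">
    )
</cfquery>

<!--- Display: the title is escaped because it is never meant to carry markup;
      the body is emitted as HTML with stored CR/LF pairs turned into <br>. --->
<cfquery name="GetArticles" datasource="fred">
    SELECT article_title, article_text FROM article_table
</cfquery>
<cfoutput query="GetArticles">
    <h2>#HTMLEditFormat(article_title)#</h2>
    <p>#Replace(article_text, chr(13) & chr(10), "<br>", "ALL")#</p>
</cfoutput>
```

The body is still rendered as markup, so its safety rests entirely on safetext()'s block lists; any tag or attribute not named there passes through unchanged.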
rcbuchanan

ASKER


re the outputting ...
Yes, I'm running CFMX ...
No, the #Replace# does not work.

All I get now ... is this:

Interview with J C Watts.<BR><BR>Initial Thoughts:<BR><BR><b>BOLD </b><BR><BR>JC Watts exudes a quite intoxicating calm. True, my meeting with the man was only thirty minutes long but if you tried, quite unfairly, to give him one label; one stark quality; calm would be mine.<BR><BR>Oscar Wilde suggested, more than once I believe, that nothing is so aggravating as calmness! Id extend that quote one step further and suggest nothing is more aggravating than a calm than a forty something that has accomplished more in his life thus far than seven men could possibly hope to accomplish. And to be so calm? Is calm a product of that experiences that have molded him o


NOTE: .. I'm outputting as follows:

<cfoutput>#display_text#</cfoutput>

!??1?
Thanks for any clarification!
Where are you outputting to?  The screen or something else?
The screen.
And the <br> tags are showing up instead of displaying as a return?
yes, see the pasted text above.

when I try to output using:

<cfoutput>#display_text#</cfoutput>

I get this:

Interview with J C Watts.<BR><BR>Initial Thoughts:<BR><BR><b>BOLD </b><BR><BR>JC Watts exudes a quite intoxicating calm. True, my meeting with the man was only thirty minutes long but if you tried, quite unfairly, to give him one label; one stark quality; calm would be mine.<BR><BR>Oscar Wilde suggested, more than once I believe, that nothing is so aggravating as calmness! Id extend that quote one step further and suggest nothing is more aggravating than a calm than a forty something that has accomplished more in his life thus far than seven men could possibly hope to accomplish. And to be so calm? Is calm a product of that experiences that have molded him o


Thanks.
R
Ok. I'm an ass.

mrichmon, you've been incredibly helpful. It does work (if I save the right bloody version).
Apologies and appreciations.

MODERATOR : how do I assign points to someone AFTER I've accepted the response already?
In other words ... I feel obliged to give points to MRICHMON.

thanks!

Richard
That is really strange.  Obviously the replace is working since the BR tags are there instead of the normal return characters.  But it is strange that the HTML is being displayed instead of rendered, since when I try the same thing it renders the br into a return and the <b> tags into bold.

Are you sure something else in the page is not affecting this?
If you feel that the answer should be changed to a split so that one shows as the assisted answer then you can post to

https://www.experts-exchange.com/Community_Support/

and ask for the answer to be selected the way you feel is appropriate.
I am not sure what mrichmon did to help answer the question. your question not mine.
have done so. (asked community support to fix)
sorry ... and thanks.
can you point to the post that helped you
CFDevHead, If you read the initial post there were two sections - one about safetext and one about line breaks not appearing correctly.  This is the portion of the question that I addressed since you had already nicely helped with the safetext.
look, .. it was the amount of EFFORT as well as the degree of answer.
Sorry to cause anyone disrespect or anguish.

You helped me enormously with the SafeText. you pasted the code and I understood finally that I had to embed into my page ...

BUT Richmon also helped my question re outputting the text.
His answer #Replace(fieldname, chr(13) & chr(10), "<BR>", "ALL")#

made the 'penny drop' and I realized my goof, ... and it now works.

Thanks all. if there is some kind of gentle procedure for who gets what / when ... etc ... please bring it up at the next UN Security Council meeting.  I'm just trying to leverage a great bunch of smart people ... across my many many knowledge gaps.

Thanks again..
Richard

p.s I have an unlimited supply of points; so it's not for being a sacred cow with my 'booty' ... i simply don't know how to reassign or give everyone every point they feel they deserve.  tell me the secret and I'll hand out points like it's Halloween and I'm the scared Grandma.

Actually the solution that I posted took care of both sections of this question; I tested it myself.  Here is a working example spiraldev.com/ee/ee.cfm

The points aren't important to me - just making sure that all portions of the answer are marked when the question gets put into the searchable knowledge base.

But if you do want to hand out points to someone who has given you extra help you can do what is called a "Points for" question.  You create a new question titled "Points for XXXXX"  Then person XXXX posts a message there and you accept it as the answer.  Be sure that when you create the "Points for" question that you include a link to the original question that the help was for in the body.
again it's your question.  do as you want. I was just wondering what the user did, because from what I read I couldn't see it.
enjoy
Its been fun I am out............................................
thanks! ... have done.
kewl I got the answer and the assist