Solved

HTML in TextArea being stripped

Posted on 2008-10-17
8
392 Views
Last Modified: 2013-12-13
This is baffling me. I have a form that includes a TEXTAREA field. I enter some simple HTML, such as <h1>This is a test</h1> and submit, but the HTML is getting stripped out. I'm writing it to the database, but I can do a simple loop in PHP to view all the submitted elements (foreach($_REQUEST as $key=>$value)) and it's stripped at that point, so this isn't a database issue, this is a submit issue.

The thing is that I have other web pages on the site that use textarea and we enter html all the time, and I can't see a difference between this web page and the others.

I've pasted in both the PHP which creates the web page, and below it the result of that web page.
<?php

 

define('PAGE','1');

define('DIE_QUIETLY','1');

require_once('./config.php');

 

if ($editor<2)

{

	cms_no_permission();

}

 

if  ($_REQUEST['do']=="write")

{

	echo "<table>";

	foreach($_REQUEST as $key=>$value)

	{

	 echo "<tr><td nowrap valign=top>".$key.":</td><td valign=top>".$value."<P></td>";

	}

	echo "</table>";				

					

	$cities = $db->query("select * from cms_neighbourhoods where provinceid=".$_REQUEST['ProvinceID']." and cityid=".$_REQUEST['CityID']." order by name");

 

 

	while ($city = $db->fetch_array($cities))

	{

		$s = "update cms_neighbourhoods set Name='".addslashes($_REQUEST['Name'.$city['NeighbourhoodID']])."' ";

		

		

		$s .= ",Featured=".$_REQUEST['Featured'.$city['NeighbourhoodID']];

		

			

		if (strlen($_REQUEST['SiteText'.$city['NeighbourhoodID']])>0)

			$s .= ",SiteText='".addslashes($_REQUEST['SiteText'.$city['NeighbourhoodID']])."' ";

		else

			$s .= ",SiteText=null ";	

			

		$s .= " where NeighbourhoodID=".$city['NeighbourhoodID'];

		

		if (strlen($_REQUEST['SiteText'.$city['NeighbourhoodID']])>0) echo $s."<P>";

		//die();

		//$db->query($s);

		

	}

	

}

 

 

?>

<html>

	<head>

		<title>Edit Neighbourhoods</title>

 

	

	

	

 

	</head>

	<body >

 

	

		<h1>Edit Neighbourhoods</h1> 

	

	<br />	

 

 

<form method="post" action="editneighbourhoods.php">

<input type="hidden" name="do" value="change">

<b>Province/State:</b> <select name="ProvinceID"  onChange="form.submit()"><option value="">

<? 

  $markets = $db->query("select * from cms_provinces order by country,state,name");

  

  $savec="";

  while ($market = $db->fetch_array($markets))

  {

  if ($market['Country'] != $savec) { $savec=$market['Country']; echo "<OPTGROUP LABEL=\"".$savec."\">\n"; }

	echo "<option value=\"".$market['ProvinceID']."\"";

	if ($_REQUEST['ProvinceID']==$market['ProvinceID']) echo " selected";

	echo ">".$market['State']."-".$market['Name'];

   } 

   echo "</select>";

   if (strlen($_REQUEST['ProvinceID'])==0) die();

   

   

?>&nbsp;&nbsp;&nbsp;

<b>City:</b> <select name="CityID" onChange="form.submit()" ><option value="">

<? 

  $markets = $db->query("select * from cms_cities where provinceid=".$_REQUEST['ProvinceID']." order by Name");

  

  

  while ($market = $db->fetch_array($markets))

  {

	echo "<option value=\"".$market['CityID']."\"";

	if ($_REQUEST['CityID']==$market['CityID']) echo " selected";

	echo ">".$market['Name'];

   } 

   echo "</select>";

   if (strlen($_REQUEST['CityID'])==0) die();

   

   

?>        			  

        			  

 

 

 </form>

 

<? if (strlen($_REQUEST['ProvinceID'])==0) die(); 

 

 

 

 

?>

<form method="post" action="editneighbourhoods.php">

<input type="hidden" name="do" value="write">

<input type="hidden" name="ProvinceID" value="<? echo $_REQUEST['ProvinceID']; ?>">

<input type="hidden" name="CityID" value="<? echo $_REQUEST['CityID']; ?>">

<table cellpadding="1" cellspacing="1">

<td><b>Name</b></td>

<td><b>Featured</b></td>

<td><b>Text</b></td>

<? 

 

$cities = $db->query("select * from cms_neighbourhoods where provinceid=".$_REQUEST['ProvinceID']." and cityid=".$_REQUEST['CityID']." order by name");

 

while ($city = $db->fetch_array($cities))

{

	echo "<tr>";

	echo "<td valign=top><input size=40 class=search name=\"Name".$city['NeighbourhoodID']."\" value=\"".$city['Name']."\"></td>";

	

	echo "<td valign=top><select class=search name=\"Featured".$city['NeighbourhoodID']."\"><option value=null>";

	

	$markets = $db->query("select * from cms_markets where active=1 order by TheMarket");

  

  

	while ($market = $db->fetch_array($markets))

	{

		echo "<option value=\"".$market['MarketID']."\"";

		if ($city['Featured']==$market['MarketID']) echo " selected";

		echo ">".$market['TheMarket']."\n";

	} 

	echo "</select>";

   

	

	echo "</td>\n";

	

	

	echo "<td><textarea rows=\"4\" cols=\"60\" name=\"SiteText".$city['NeighbourhoodID']."\" >";

	echo $city['SiteText'];

	echo "</textarea></td>\n";

	

 

}

 

?>

</table>

<input type=submit value="Write Values">

</form>

 

</font></body></html>

 

 

 

 

<html>

	<head>

		<title>Edit Neighbourhoods</title>

 

	

	

	

 

	</head>

	<body >

 

	

		<h1>Edit Neighbourhoods</h1> 

	

	<br />	

 

 

<form method="post" action="editneighbourhoods.php">

 

<input type="hidden" name="do" value="change">

<b>Province/State:</b> <select name="ProvinceID"  onChange="form.submit()"><option value="">

<OPTGROUP LABEL="CA">

<option value="2">AB-Alberta<option value="1" selected>BC-British Columbia<option value="3">MB-Manitoba<option value="4">NB-New Brunswick<option value="5">NL-Newfoundland and Labrador<option value="7">NS-Nova Scotia<option value="6">NT-Northwest Territories<option value="8">ON-Ontario<option value="9">PE-Prince Edward Island<option value="10">QC-Quebec<option value="11">SK-Saskatchewan<OPTGROUP LABEL="US">

 

<option value="64">AK-Alaska<option value="65">AL-Alabama<option value="66">AR-Arkansas<option value="67">AZ-Arizona<option value="68">CA-California<option value="69">CO-Colorado<option value="70">CT-Connecticut<option value="71">DC-District Of Columbia<option value="72">DE-Delaware<option value="73">FL-Florida<option value="74">GA-Georgia<option value="75">HI-Hawaii<option value="76">IA-Iowa<option value="77">ID-Idadho<option value="78">IL-Illinois<option value="79">IN-Indiana<option value="80">KS-Kansas<option value="81">KY-Kentucky<option value="82">LA-Louisiana<option value="83">MA-Massachusetts<option value="84">MD-Maryland<option value="85">ME-Maine<option value="86">MI-Michigan<option value="87">MN-Minnesota<option value="88">MO-Missouri<option value="89">MS-Mississippi<option value="90">MT-Montana<option value="91">NC-North Carolina<option value="92">ND-North Dakota<option value="93">NE-Nebraska<option value="94">NH-New Hampshire<option value="95">NJ-New Jersey<option value="96">NM-New Mexico<option value="97">NV-Nevada<option value="98">NY-New York<option value="99">OH-Ohio<option value="100">OK-Oklahoma<option value="101">OR-Oregon<option value="102">PA-Pennsylvania<option value="103">RI-Rhode Island<option value="104">SC-South Carolina<option value="105">SD-South Dakota<option value="106">TN-Tennessee<option value="107">TX-Texas<option value="108">UT-Utah<option value="109">VA-Virginia<option value="110">VT-Vermont<option value="111">WA-Washington<option value="112">WI-West Virginia<option value="113">WV-Wisconsin<option value="114">WY-Wyoming</select>&nbsp;&nbsp;&nbsp;

 

<b>City:</b> <select name="CityID" onChange="form.submit()" ><option value="">

<option value="1297"><option value="20">-----<option value="52" selected>100 Mile House<option value="53">108 Mile Ranch<option value="54">70 Mile House<option value="1">Abbotsford<option value="55">Agassiz<option value="56">Ahousat<option value="57">Ainsworth Hot Springs<option value="58">Aldergrove<option value="1326">Aldergrove, Langley<option value="1324">Aldergrove/Langley<option value="59">Alert Bay<option value="60">Alexis Creek<option value="61">Anahim Lake<option value="62">Anglemont<option value="63">Argenta<option value="64">Armstrong<option value="65">Ashcroft<option value="66">Atlin<option value="67">Avola<option value="68">Balfour<option value="69">Bamfield<option value="70">Barriere<option value="71">Bear Lake<option value="72">Bella Bella<option value="73">Bella Coola<option value="74">Big White/Kelowna<option value="75">Birken<option value="76">Black Creek<option value="77">Blue River<option value="78">Boston Bar<option value="79">Boswell<option value="80">Bowen Island<option value="81">Bowser<option value="82">Brackendale<option value="83">Brentwood Bay<option value="2">Burnaby<option value="84">Burns Lake<option value="85">Burton<option value="86">Cache Creek<option value="87">Campbell River<option value="88">Canim Lake<option value="89">Castlegar<option value="90">Celista<option value="302">Central Saanich<option value="91">Charlie Lake<option value="92">Chase<option value="93">Chemainus<option value="94">Chetwynd<option value="27">Chilliwack<option value="95">Christina Lake<option value="96">Clearwater<option value="97">Clinton<option value="3">Cloverdale<option value="98">Coldstream<option value="99">Comox<option value="4">Coquitlam<option value="100">Cortes Island<option value="101">Courtenay<option value="102">Cowichan Bay<option value="103">Cranbrook<option value="104">Crawford Bay<option value="105">Creston<option value="106">Crofton<option value="107">Cultus Lake<option value="108">Cumberland<option value="109">Dawson Creek<option value="110">Deep Cove<option value="9">Delta<option value="111">Denman Island<option value="112">Duncan<option value="113">Eagle Bay<option value="114">Eagle Creek<option value="115">Egmont<option value="116">Elkford<option value="117">Enderby<option value="118">Fairmont Hot Springs<option value="119">Falkland<option value="120">Fanny Bay<option value="121">Fauquier<option value="122">Fernie<option value="123">Field<option value="124">Forest Grove<option value="125">Fort Fraser<option value="305">Fort Langley<option value="126">Fort Nelson<option value="127">Fort St. James<option value="128">Fort St. John<option value="1323">Francois Lake<option value="129">Fraser Lake<option value="130">Fruitvale<option value="131">Gabriola<option value="50">Gabriola Island<option value="132">Galiano Island<option value="133">Gang Ranch<option value="134">Garden Bay<option value="135">Garibaldi Highlands<option value="136">Gibsons<option value="137">Gold Bridge<option value="138">Gold River<option value="139">Golden<option value="140">Grand Forks<option value="141">Greenwood<option value="142">Groundbirch<option value="143">Halfmoon Bay<option value="144">Harrison Hot Springs<option value="145">Harrison Mills<option value="146">Hazelton<option value="147">Hedley<option value="148">Heffley Creek<option value="149">Heriot Bay<option value="150">Hixon<option value="151">Hope<option value="152">Hornby Island<option value="153">Horsefly<option value="154">Horsefly Lake<option value="300">Horseshoe Bay<option value="155">Hotsprings Cove<option value="156">Houston<option value="157">Hudson's Hope<option value="158">Invermere<option value="159">Jordan River<option value="160">Kaleden<option value="161">Kamloops<option value="162">Kaslo<option value="163">Kelowna<option value="164">Keremeos<option value="165">Kimberley<option value="166">Kitimat<option value="167">Lac La Hache<option value="5">Ladner<option value="49">Ladysmith<option value="168">Lake Cowichan<option value="6">Langley<option value="169">Lasqueti Island<option value="170">Likely<option value="171">Lillooet<option value="172">Little Fort<option value="173">Logan Lake<option value="174">Lone Butte<option value="175">Lumby<option value="176">Lytton<option value="177">Mackenzie<option value="178">Madeira Park<option value="179">Malahat<option value="180">Malakwa<option value="7">Maple Ridge<option value="181">Mara Lake<option value="182">Masset<option value="183">Mayne Island<option value="184">McBride<option value="185">McLeese Lake<option value="186">Merritt<option value="187">Midway<option value="188">Mill Bay<option value="8">Mission<option value="189">Moberly Lake<option value="190">Mount Currie<option value="191">Nakusp<option value="192">Nanaimo<option value="193">Nanoose Bay<option value="194">Naramata<option value="195">Nass Camp<option value="196">Nelson<option value="197">New Aiyansh<option value="198">New Denver<option value="199">New Hazelton<option value="12">New Westminster<option value="200">Nimpo Lake<option value="10">North Surrey<option value="11">North Vancouver<option value="201">Okanagan Falls<option value="202">Oliver<option value="203">Osoyoos<option value="24">Other Cities<option value="204">Oyama<option value="205">Parksville<option value="206">Parson<option value="207">Peachland<option value="208">Pemberton<option value="209">Pender Island<option value="210">Penticton<option value="14">Pitt Meadows<option value="211">Port Alberni<option value="212">Port Alice<option value="213">Port Clements<option value="13">Port Coquitlam<option value="214">Port Edward<option value="215">Port Hardy<option value="216">Port McNeill<option value="15">Port Moody<option value="217">Port Renfrew<option value="218">Pouce Coupe<option value="219">Powell River<option value="220">Prince George<option value="221">Prince Rupert<option value="222">Princeton<option value="223">Pritchard<option value="224">Quadra Island<option value="225">Qualicum Beach<option value="226">Quathiaski Cove<option value="227">Queen Charlotte<option value="228">Quesnel<option value="229">Radium Hot Springs<option value="230">Revelstoke<option value="16">Richmond<option value="231">Roberts Creek<option value="232">Rock Creek<option value="233">Rosedale<option value="234">Rossland<option value="301">Saanich<option value="48">Saanichton<option value="235">Salmo<option value="236">Salmon Arm<option value="237">Salt Spring Island<option value="238">Sandspit<option value="239">Savona<option value="240">Sayward<option value="241">Sechelt<option value="242">Secret Cove<option value="243">Shalalth<option value="29">Shawnigan Lake<option value="244">Sicamous<option value="28">Sidney<option value="245">Silver Star Mountain<option value="246">Silverton<option value="247">Skookumchuck<option value="248">Slocan<option value="249">Slocan Park<option value="250">Smithers<option value="251">Sointula<option value="252">Sooke<option value="253">Sorrento<option value="254">South Hazelton<option value="255">Sparwood<option value="256">Spences Bridge<option value="257">Spillimacheen<option value="258">Squamish<option value="259">Stewart<option value="260">Summerland<option value="261">Sun Peaks<option value="17">Surrey<option value="262">Surrey<option value="263">Tahsis<option value="264">Takysie Lake<option value="265">Tappen<option value="266">Tatla Lake<option value="267">Tatlayoko Lake<option value="268">Telkwa<option value="269">Terrace<option value="43">Thetis Island<option value="270">Thornhill<option value="271">Tlell<option value="272">Toad River<option value="273">Tofino<option value="274">Topley<option value="275">Trail<option value="18">Tsawwassen<option value="276">Tumbler Ridge<option value="277">Ucluelet<option value="278">Valemount<option value="279">Van Anda<option value="19">Vancouver<option value="1334">Vancouver West<option value="1331">VancouverA<option value="1325">VancouverVancouver<option value="280">Vanderhoof<option value="281">Vavenby<option value="282">Vernon<option value="26">Victoria<option value="283">Wasa<option value="284">Wells<option value="285">West Ladner<option value="286">West Quesnel<option value="287">West Sechelt<option value="22">West Vancouver<option value="51">Westbank<option value="288">Westbridge<option value="289">Westwold<option value="25">Whistler<option value="290">White Lake<option value="23">White Rock<option value="291">Williams Lake<option value="292">Windermere<option value="293">Winfield<option value="1305">Winnipeg<option value="294">Wonowon<option value="295">Woss<option value="296">Yahk<option value="297">Yale<option value="298">Youbou<option value="299">Zeballos</select>        			  

        			  

 

 

 </form>

 

<form method="post" action="editneighbourhoods.php">

<input type="hidden" name="do" value="write">

<input type="hidden" name="ProvinceID" value="1">

<input type="hidden" name="CityID" value="52">

<table cellpadding="1" cellspacing="1">

<td><b>Name</b></td>

<td><b>Featured</b></td>

<td><b>Text</b></td>

<tr><td valign=top><input size=40 class=search name="Name699" value="Lac La Hache"></td><td valign=top><select class=search name="Featured699"><option value=null><option value="56">aus

<option value="2">clg

<option value="1">van

<option value="3">win

</select></td>

 

<td><textarea rows="4" cols="60" name="SiteText699" >this is a test</textarea></td>

</table>

<input type=submit value="Write Values">

</form>

 

</font></body></html>

Open in new window

0
Comment
Question by:ktwdallas
  • 4
  • 3
8 Comments
 
LVL 8

Expert Comment

by:aldanch
ID: 22745121
I can't test any code right now but have you played with the urlencode() and urldecode() functions?

You may want to urlencode the textarea before submitting it... then urldecode it when you pull it back out.

There is also htmlentities(). This would convert the "<" and ">" to < and > respectively
0
 

Author Comment

by:ktwdallas
ID: 22745382
I thought URLencode was a PHP function, which wouldn't be something I could use until the submit has already taken place, right (past the point the html is removed)? Or is it available in Javascript too?
0
 
LVL 8

Expert Comment

by:aldanch
ID: 22745406
Yes, the function in Javascript would be "escape()"

The PHP function that decodes that would be "urldecode()"
0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 22745410
HTML, line breaks and almost all formatting is removed from text areas when the user completes the box.

For HTML in textarea, you need to use RICH TEXT AREA -- it preserves all formatting you want

www.textarearich.com/
www.dynamicdrive.com/dynamicindex16/richtexteditor/index.htm
www.tcpiq.com/tcpIQ/HTMLRichTextArea/
www.topshareware.com/HTML-Rich-Text-Area-download
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:ktwdallas
ID: 22745652
I rebuilt the file and it's still doing it. It's not just textarea, I put in a Hidden field:
<input type="hidden" name="atest" value="<h1>asdf</h1>">

and when I view the results, the html is gone.

There is another web page (edit.php, attached) which I also put the loop in to test and html tags are still there. I've examined the difference between the two files, even down to making sure they're both UNIX (LF), Unicode UTF-8 (the settings I got from the form file that works).

I've wasted an entire day on this and I feel so ridiculous I cannot see the difference in these two files.

both files enclosed, edit.php which works, editneighbourhood.php which doesn't.
Archive.zip
0
 
LVL 8

Expert Comment

by:aldanch
ID: 22745676
How are you checking to see if the HTML is there?

If you are just outputting it to the browser you won't see it. Maybe put it between the <pre> </pre> tags or write it out to a textarea to see if the HTML is still intact.
0
 

Author Comment

by:ktwdallas
ID: 22745698
I'm looking at view Source.. though even the loop output shows the Heading formatting of my simple test on the file that works..
0
 

Accepted Solution

by:
ktwdallas earned 0 total points
ID: 23368157
I actually found the answer myself. I was using $_REQUEST['xxx'] in my form processor which was giving me an HTML-free version, when I should have been just using $_POST['xxx'] to get the field with the tags.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
jquery, html5 UI 1 49
HTML page and JavaScript 2 54
using hash in login 34 20
How to fetch your row in php 14 8
Someone recently asked me about how to display a progress indicator on a page while an iframe is loading. And I remember when I first came across this myself. It was a bit tricky to get my head around, but really, it's very simple. The most impor…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now