Re: Editing in a text area field

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





ceo@xxxxxxxxx wrote:
Rule #1.
Never, ever, ever, alter the user's input, EXCEPT for sanitizing/filtering.
Specifically, do NOT add <br /> tags in place of newlines.
Store the newlines.

Upon OUTPUT, you can use nl2br() to get <br /> tags.
Or str_replace if you want </p> instead.

This is crucial as a habit, down the road, when you later want to put their stuff out as non-HTML such as RSS or PDF or other output mechanisms.

Consider their input as sacrosanct (except for dangerous/evil input).

I've been following this thread with interest because it is a recurring challenge I've had to deal with while coding applications for my running club. We have numerous non techies who enter text material for several applications.

My code deals with most, if not all, the issues brought up in this thread.

All processing on server-side. I save the user's input intact and only add the HTML and styling code on the fly when sending to browsers. Also, note, my rendered code is XHTML compliant. The error checking for the user is done with Tidy.

If anyone is interested, I will provide the code used for this portion of the application. It is well documented and easily modified.

Here is a copy of the user instructions for entering text in a textarea. Keep in mind when reading the instructions that the examples are styled, colored, bolded, etc. They are not in this plain text copy. The real thing is here: http://www.ridersite.org/miniReg/miniRegInstr.php
******************************************************
User Instructions and Text Highlighting

Proxie Tags are special instructions for the user's browser and consist of starting and, generally [there are exceptions as noted], ending elements [e.g., <blue>Blue Text</blue>] Tag names can be lower or upper case, or any combination. A complete list of the usable tags is located just below the User Instructions box.

HTML tags: You can use actual HTML tags; but, unless you are proficient with HTML coding, we recommend sticking with the proxy tags.

Emphasize text like this:
<red>Red Text</red> <blue>Blue Text</blue> <bold>bold text</bold> [or the html <b>bold text</b>] <italic>italic</italic> <underline>underline</underline>

Headers: <header>Header Text</header> are used as paragraph lead-ins and are always left justified.

New Lines: Occasionally, you may want to force a new line. Simple add this tag as needed <br> to force the new line.

Titles: Titles are centered when rendered. You can use this tag for blue titles <blueTitle>Title</blueTitle> and <bluesubtitle>Blue Subtitle</bluesubtitle>; and this for normal titles <title>Title</title> Titles and subtitles must be on separate lines.

Use this syntax for Email and URL Links:
email links: <email>recipient's email addr<name>recipient's name</email>
URL links: <link>URL<label>link text</link>,

IMPORTANT.. Be very careful that you "close" all tags [e.g., </span> </blue>] and that tags are nested properly [e.g., <red><bold>Red Text</bold> </red> ]. Note that <bold> and </bold> are both inside of <red> and </red>.
User Instructions HTML Error Checking

To insure your user instructions will display properly on all browsers, the proxie and html tags you used are checked for validity. The check is performed on the actual HTML code that will be sent to the user. Thus, the proxie tags you used will have been converted to HTML tags.

The Error Report: shows the HTML errors and thus it may not be clear the cause is due to a proxy tag error. For example, assume you misspelled <link> as <lunk>, the error report will say "Error: <lunk> is not recognized! Warning: discarding unexpected <lunk> Warning: discarding unexpected </a>". The <lunk> error is noted OK. But, note the "discarding unexpected </a>"; that is because you correctly spelled the </link> proxy tag and the proxy-to-HTML conversion process properly converted it to the HTML </a> tag. The error checker thus found an unexpected </a> tag.

Pasting Text from Word Processors: You can copy/paste text from your wordprocessor into the "member/user instructions" box. However, you need to be alert since wordprocessors use some special characters that are incompatible with internet standards. MiniReg converts most, but not all, of them to equivalent internet compatible characters. Carefully check your text in the box and make any necessary corrections.
****************************************************************

/**
* Proxie tags for user admin prepared user instructions
* You add new ones, keep alpha order; just make certain they render properly under the "Compose your member/user instructions here" box
*/
$proxiesTranslateArray = array(// *
    '<link>' => '<a href="http://',
    '<label>' => '" target="_blank">',
    '</link>' => '</a>',
    "<email>" => '<a href="mailto:',
    "<name>" => "\">",
    '</email>' => '</a>',
    '<line>' => '<hr />',
    '<br>' => '<br />',
    '<blue>' => '<span class="blue">',
    '</blue>' => '</span>',
    '<bluesubtitle>' => '<div class="blueSubTitle">',
    '</bluesubtitle>' => '</div>',
    '<bluetitle>' => '<div class="blueTitle">',
    '</bluetitle>' => '</div>',
    '<bold>' => '<b>',
    '</bold>' => '</b>',
    '<green>' => '<span class="green">',
    '</green>' => '</span>',
    '<header>' => '<div class="header">',
    '</header>' => '</div>',
    '<italic>' => '<i>',
    '</italic>' => '</i>',
    '<red>' => '<span class="red">',
    '</red>' => '</span>',
    '<subtitle>' => '<div class="subtitle">',
    '</subtitle>' => '</div>',
    '<title>' => '<div class="title">',
    '</title>' => '</div>',
    '<underline>' => '<span class="underline">',
    '</underline>' => '</span>',
    );

Here is my Word translation table:

//Translate table for dumb Windows chars when user pastes from Word; function strips all >160

$win1252ToPlainTextArray=array(
chr(130)=> ',',
chr(131)=> '',
chr(132)=> ',,',
chr(133)=> '...',
chr(134)=> '+',
chr(135)=> '',
chr(139)=> '<',
chr(145)=> '\'',
chr(146)=> '\'',
chr(147)=> '"',
chr(148)=> '"',
chr(149)=> '*',
chr(150)=> '-',
chr(151)=> '-',
chr(155)=> '>',
chr(160)=> ' ',
);



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux