Menu
I have a strange problem:
In the database, I have a literal ampersand lt semicolon:
<div whenever its printed into a html textarea tag, the source code of the page shows the > as >.
How do I stop this decoding?
243
Note − By default, we can enter data in a textarea upto 5,24,288 characters. In some cases, there is a need of putting a limit on the size of characters that can be typed in a textarea. So in that case, we can use maxlength attribute to control the number of characters entered in a textarea.
<textarea>: The Textarea element. The <textarea> HTML element represents a multi-line plain-text editing control, useful when you want to allow users to enter a sizeable amount of free-form text, for example a comment on a review or feedback form.
The <textarea> tag also supports the Event Attributes in HTML.
When writing in HTML, the <textarea> tag is an inline element used to designate a plain-text editing control containing multiple lines. It is useful for creating a form field for visitors to leave comments or messages.
You can't stop entities being decoded in a textarea[1] since the content of a textarea is not (unlike a script or style element) intrinsic CDATA, even though error recovery may sometimes give the impression that it is.
The definition of the textarea element is:
<!ELEMENT TEXTAREA - - (#PCDATA) -- multi-line text field --> i.e. it contains PCDATA which is described as:
Document text (indicated by the SGML construct "#PCDATA"). Text may contain character references. Recall that these begin with
&and end with a semicolon (e.g.,Hergé's adventures of Tintincontains the character entity reference for the e acute character).
This means that when you type (the invalid HTML of) "start of tag" (<) the browser corrects it to "less than sign" (<) but when you type "start of entity" (&), which is allowed, no error correction takes place.
You need to write what you mean. If you want to include some HTML as data then you must convert any character with special meaning to its respective character reference.
If the data is:
<div Then the HTML must be:
<textarea>&lt;div</textarea> You can use the standard functions for converting this (e.g. PHP's htmlspecialchars or Perl's HTML::Entities module).
NB 1: If you were using XHTML[2] (and really using it, it doesn't count if you serve it as text/html) then you could use an explicit CDATA block:
<textarea><![CDATA[<div]]></textarea> NB 2: Or if browsers implemented HTML 4 correctly
Ok , but the question is . why it decodes them anyway ? assuming i've added & , save the textarea , ti will be saved < , but displayed as < , saving it again will convert it back to < (but it will remain < in the database) , saving again will save it a < in the database , why the textarea decodes it ?
Since the browser is not sending the data as HTML, the characters are not represented as HTML entities.
If you take the data received from the client and then put it into an HTML document, then you must encode it as HTML first.
145
In PHP, this can be done using htmlentities(). Example below.
<?php $content = "This string contains the TM symbol: ™"; print "<textarea>". htmlentities($content) ."</textarea>"; ?> Without htmlentities(), the textarea would interpret and display the TM symbol (™) instead of "™".
http://php.net/manual/en/function.htmlentities.php
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
