我知道这是一个旧的,因为我现在已经在网上搜索了3个小时,而我却无法想出这个。我知道在我的代码中的某个地方我必须放html_entity_decode或htmlspecialchars_decode,因为我相信html实体在从数据库中提取时不会转换回...但是在哪里?无论是编辑还是创建都没关系...我试图同时使用CKeditor和TinyMce ..同样的事情发生..没有插件..所以对编辑器所做的任何改动都没有。
这是编辑
<?php find_selected_page(); ?>
<?php
if (isset($_POST['submit'])) {
// Process the form
$id = $current_subject["id"];
$menu_name = mysql_prep($_POST["menu_name"]);
$position = (int) $_POST["position"];
$visible = (int) $_POST["visible"];
$content = mysql_prep($_POST["content"]);
// validations
$required_fields = array("menu_name", "position", "visible", "content");
validate_presences($required_fields);
$fields_with_max_lengths = array("menu_name" => 30);
validate_max_lengths($fields_with_max_lengths);
if (empty($errors)) {
// Perform Update
$query = "UPDATE subjects SET ";
$query .= "menu_name = '{$menu_name}', ";
$query .= "position = {$position}, ";
$query .= "visible = {$visible}, ";
$query .= "content = '{$content}' ";
$query .= "WHERE id = {$id} ";
$query .= "LIMIT 1";
$result = mysqli_query($connection, $query);
if ($result && mysqli_affected_rows($connection) == 1) {
// Success
$_SESSION["message"] = "Stranica uređena.";
redirect_to("manage_content.php?subject={$id}");
} else {
// Failure
$_SESSION["message"] = "Uređivanje stranice neuspjelo.";
}
}
} else {
// This is probably a GET request
} // end: if (isset($_POST['submit']))
?>
这是回声的地方
<textarea name="content" id="editor1" class="form-control" rows="20" cols="80"><?php echo htmlentities($current_subject["content"]); ?></textarea>
<script>
// Replace the <textarea id="editor1"> with a CKEditor
// instance, using default configuration.
CKEDITOR.replace( 'editor1', {
language: 'hr',
} );
</script>
以下是功能
function find_all_subjects($public=true) {
global $connection;
$query = "SELECT * ";
$query .= "FROM subjects ";
if($public) {
$query .= "WHERE visible = 1 ";
}
$query .= "ORDER BY position ASC";
$subject_set = mysqli_query($connection, $query);
confirm_query($subject_set);
return $subject_set;
}
function find_subject_by_id($subject_id, $public=true) {
global $connection;
$safe_subject_id = mysqli_real_escape_string($connection, $subject_id);
$query = "SELECT * ";
$query .= "FROM subjects ";
$query .= "WHERE id = {$safe_subject_id} ";
if($public){
$query .= "AND visible = 1 ";
}
$query .= "LIMIT 1";
$subject_set = mysqli_query($connection, $query);
//Test if there was a query error
confirm_query($subject_set);
if($subject = mysqli_fetch_assoc($subject_set)) {
return $subject;
}else {
return null;
}
}
function find_selected_page($public=false) {
global $current_subject;
global $current_page;
if(isset($_GET["subject"])) {
$current_subject = find_subject_by_id($_GET["subject"], $public);
$current_page = null;
}elseif (isset($_GET["page"])) {
$current_page = find_page_by_id($_GET["page"], $public);
$current_subject = null;
}else{
$current_subject = null;
$current_page = null;
}
}
所以,最后看起来应该是这样的: 以下是公共页面上的部分文字
相反,它看起来像这样
<p>Here is <strong>some</strong> text on the public page</p>
您需要从代码中添加其他内容吗?
有什么建议吗?
是否可以显示回显文本raw,然后编辑器接受并显示它而不使用html标记?
或者我该如何使用它?
PHP’s strip_tags() equivalent MYSQL function
如果我添加
$content = mysql_prep(strip_tags(html_entity_decode($_POST["content"])));
然后没有文字格式..
提前致谢...
答案 0 :(得分:3)
我明白了......事实证明我看错了东西......我正在看“编辑页面”并在那里摆弄了很多,但我只需要应用html_entity_decode,其内容已经显示在客户端或在我的情况下也在“管理内容”......我甚至没有在问题中包含那部分...这么愚蠢......:D
<?php echo html_entity_decode($current_subject["content"]); ?>
也许这将有助于未来的人...... :)