0

我遇到了一个问题,我让用户将信息输入到 textarea 并将该信息存储在 mysql 数据库中。允许用户将 HTML 插入文本区域,例如:

<ul>
  <li>Test</li>
</ul>

但是,我无法理解为什么从数据库中检索以显示用户输入的数据的数据没有显示用户请求的正确 HTML 格式。

这就是我所拥有的: 显示信息:

<?php
function display ($result) {
  if (mysql_num_rows($result) > 0) {
    echo "<form action='scripts/submit.php' method='post'>";
      echo "<input type='submit' name='post' value='Post'/>";
      echo " | ";
      echo "<label for='searchDate'>Search Archives By Date:</label>";
      echo "<input type='text' name='searchDate'>";
      echo "<input type='submit' name='submitDate' value='Search'/>";
      echo " | ";
      echo "<label for='searchTicket'>Search Archives By Ticket:</label>";
      echo "<input type='text' name='searchTicket'/>";
      echo "<input type='submit' name='submitTicket' value='Search'/>";
      echo "<hr/>";
    echo "</form>";
    echo "<table border='1' id='resultTable'>";
      while($row = mysql_fetch_assoc($result)) {
      $replace = str_replace ("\n","<br/>",$row['content']);
      echo "<tr>";
        echo "<td><span id='boldText'>Entry By:</span> ".$row['user']." | <span id='boldText'>Description:</span> ".$row['description']." | <span id='boldText'>Entry Date:</span> ".$row['date']."</td>";
      echo "</tr>";
      echo "<tr>";
        echo "<td>";
            echo "<p>".$replace."</p>";
        echo "</td>";
      echo "</tr>";
      echo "<tr>";
        echo "<td>";
          echo "<form action='scripts/submit.php' method='post'>";
            echo "<input type='hidden' name='count' value='$row[count]'/>";
            echo "<input type='submit' name='edit' value='Edit'/>";
            echo "<input type='submit' name='delete' value='Delete'/>";
          echo "</form>";
        echo "</td>";
      echo "</tr>";
          }
          echo "</table>";
      }
      else {
        echo "<h3 id='noResults'>Nothing has been posted yet.  Click 'Post' to add something to the whiteboard.</h3>";
        echo "<form action='scripts/submit.php' method='post'>";
          echo "<input type='submit' name='post' value='Post'/>";
        echo "</form>";
      }
}

?>

添加帖子逻辑:

if(isset($_POST['add_post'])) {
$content = mysql_real_escape_string($_POST['content']);
$description = mysql_real_escape_string($_POST['desc']);

  $query = "INSERT INTO $table_name (user, description, content)
            VALUES ('$_SESSION[logged_in]','$description', '$content')";
  $result = mysql_query($query);
  session_write_close();
  header('Location: ../whiteboard.php');
}

出于某种原因,上面的示例将不起作用,但这将:

<p style="font-weight: 900;">Test</p>
4

2 回答 2

1

在使用htmlentities()nl2br()插入数据库之前尝试解析,并在取回时执行相反的操作。

于 2012-05-14T04:08:00.783 回答
0

如果您在浏览器中查看数据库条目,您将看到格式化 HTML 的结果,而不是实际的标记 - 如果您想要的话,请使用 htmlentities($result)。

查看页面源以查看正在检索的内容并查看它与您期望看到的内容有何不同。

于 2012-05-14T04:52:46.623 回答