7

I'm trying to store HTML in a database, so when I retrieve the form from the database, I need to show it as a form rather than text. Is there a way to do that?

This is the form

$form = "<form id='' method='' action='' class=''>
    <input type='hidden' name='my-item-id' value= $uid />
    <input type='hidden' name='my-item-name' value=$title />
    <input type='hidden' name='my-item-price' value='1' />
    <input type='hidden' name='my-item-qty' value='1' />
    <input type='submit' name='my-add-button' class='button' value='Add to cart'/>
     </form>";

at the moment when I retrieve the above from the database it shows as text,

also the form field in the database is varchar(1000)

include('adodb.inc.php');
include('adodb-pager.inc.php');
$sql = 'select title as "TITLE",description as "DESCRIPTION",form as "ADD TO CART" from mathspapers order by sysdate desc';
$pager = new ADODB_Pager($db,$sql);

$pager->Render();

Thanks

Improve this question
3
  • 1
    You should probably include the code you use to read the values out of the database, and send it to the client. Commented Nov 23, 2010 at 13:29
  • Please show the code you are using to retrieve the code. Also, what size is your varchar field? Commented Nov 23, 2010 at 13:31
  • saving POST as serialised is enough ? Commented Nov 23, 2010 at 13:32

5 Answers 5

Reset to default
7

When you are storing text in Database you probably use addslashes().
Then when you return text from Database you need something like stripslashes() before you show your HTML text. PHP Manual on stripslashes

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Instead of storing whole form pattern (and values) in the db field i can advise you to store only form field names and data (values) as key-value pairs.

You can easily use them if you store them in a standard way like ; (use at form processing page)

$form_data = "my-item-id=".$_POST["my-item-id"]."&my-item-name=".$_POST["my-item-name"]."&my-item-price=".$_POST["my-item-price"]."&my-item-qty=".$_POST["my-item-qty"];

then store $form_data only at db

to use data from db (surely after pulling $form_data from db) you can use parse_str

parse_str($form_data,$form_data_from_db);

echo $form_data_from_db["my-item-id"] will print your stored form input for instance

But these are not the my main advice. How you will build your pattern for each stored data field? Just build a function to create form like many cms does.

try this ;

function myform_pattern_1($id,$method,$action,$class,$form_data){

parse_str($form_data,$fd);

$form_html = "<form id='' method='' action='' class=''>";
$form_html .= "<input type='hidden' name='my-item-id' value='".$fd["my-item-id"]."' />";
$form_html .= "<input type='hidden' name='my-item-name' value='".$fd["my-item-id"]."' />";
$form_html .= "<input type='hidden' name='my-item-price' value='".$fd["my-item-id"]."' />";
$form_html .= "<input type='hidden' name='my-item-qty' value='".$fd["my-item-id"]."' />";
$form_html .= "<input type='submit' name='my-add-button' class='button' value='Add to cart'/>";
$form_html .= "</form>";
return $form_html;
}

Call this function where you like as ;

echo myform_pattern_1("form_id","post","","form_class",$form_data);

This usage has a great advantage to your method. You can change form syntax whenever you wish this way. You will -maybe- want to integrate a Jquery validation plugin later or just want to use another styling or even change syntax by adding tags you will have to change all stored db fields if you store whole form at db. Function usage is much more flexible.Also you will not use db for storing unnecessary -repeating- tags etc.

i hope you like , cys

For more information on parse_str ; http://php.net/manual/en/function.parse-str.phpenter code here

Improve this answer

Comments

0

If I had to guess, I would say your VARCHAR field is too small to take up all the HTML, so a tag gets cut off somewhere, resulting in the HTML being shown as text.

Improve this answer

1 Comment

Hi, thanks for the reply,I can see the full form as text so I dont think the varchar is small.
0

My guess without any more supporting evidence is that you are converting the form html into their html safe equivalents, hence it just 'outputs' as text, it is just text.

Double check your output that the actual source code is not something like &lt; for <

Improve this answer

Comments

0

From the PHP documentation for htmlspecialchars: Certain characters have special significance in HTML translations made are those most useful for everyday web programming. If you require all HTML character entities to be translated, use htmlentities() instead.

The result is stored in the db and then when it is pulled from the db.

You have it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.