php - HTML Output from DB Issue -


i running ckeditor textarea wysiwyg field through htmlspecialchars() , dumping database.

i fetching field in database , it's outputting html screen. reason why outputting html , not utilizing html markup?

code data dump:

if (isset($_post['submit'])) {      $ticketbody = htmlspecialchars($_post['ticketbody']);      $sql = "insert tickets (ticket_text) values(:ticketbody)";     $stmt = $conn->prepare($sql);     $stmt->bindparam(':ticketbody', $ticketbody, pdo::param_str);     $stmt->execute();  } 

looping through data

foreach ($rows $row) {     <?php echo $row['ticket_text']; ?> } 

screencast of output: http://screencast.com/t/wbuus3orw

note: adding htmlspecialchars_decode echo statement works turns text white! i'm not sure why, either - http://screencast.com/t/jgjmaocdyutm

strip_tags() function doesn't work either.

use mysqli_real_scape_string instead of html_special_chars maintain html code anda specials chars while database keep safe, in next link can found documentation if this.

for security don't click here, never!!


Comments

Popular posts from this blog

python - Healpy: From Data to Healpix map -

c - Bitwise operation with (signed) enum value -

xslt - Unnest parent nodes by child node -