Can anyone help me to solve my issue regarding the image downloading function? The situation goes like this: actually I wanna download a gantt chart image from a site that generates some string url as the image! not even http://www.example.com/img/image.png but something like http://www.example.com/img/index.php?=task&d=&Work=0...
Disregarding what language or environment you are working in, simply using the full URL with all the GET variables in place will provide you with the image.
It should not matter.
Judging from your comments below, your code is not working because you are using PHP's htmlspecialchars function.
Htmlspecialchars will turn symbols that you cannot represent in HTML output simply by adding them to the source of an html document (such as &, < and >) into identifiers that will let the browser know what kind of character to render.
for instance the ampersand (&) could be rendered by & the HtmlSpecialChars function does this for you.
When your backend code is outputting parts of html source that aren't visible to the user, such as the source of an image in this case, you do not want to use that function.
It will invalidate the URL by replacing all the & instances in the url by &
Simply do this:
<?php print($url); ?>
Related
I have just installed CK Editor onto a form that submits data to a database, when I want to use an apostrophe ' It is displaying as & #39; on my web page instead.
How can I get it to display an apostrophe instead?
What's happening is that somewhere along the line, CKEditor (or maybe another part of the system) is going through and converting characters that might potentially cause problems (due to having special meaning in HTML) into their HTML entity representations.
This is normal behaviour and if you don't need to do any string manipulation inside your database you can happily leave it as is for that stage. Indeed you can have them in along with normal HTML text and it should render just fine.
Clearly your setup is sufficiently different that something isn't happening. So, you'll want to use something like PHP's html_entity_decode() to convert back to normal unescaped text. There should be an equivalent function available in any language with a half-decent standard library.
I'm not sure if it's possible or not but can you run a script in Quickbase? Such as in a formula field? If so, could someone show me a very simple example? I've figured out how to create custom Dashboards using jQuery so I assume we could do something similar on form/table.
There are two ways you could try to accomplish this. You can use Javascript in URL and Formula URL fields. This will make the link button pop up a window that says "Hello World".
"javascript:alert(\"Hello World\");void(0);"
You can also load a page that you've created using Dan Diebolt's image onload technique. I can't find his original post, but you use the onload event of an image tag to load a .js file. In this example it's a page in the same application named module.js that is being loaded using a Formula Text field with HTML enabled.
"<img qbu=\"module\" src=\"/i/clear2x2.gif\" onload=\"javascript:if(typeof QBU=='undefined'){QBU={};$.getScript('" & URLRoot() & "db/" & Dbid() & ?a=dbpage&pagename=module.js&rand='+Math.random())}\">"
The corresponding module.js file might look something like this:
(function(){
alert("Hello World");
})();
You can take this as far as you'd like from writing functions in module.js that you call from Formula URL Fields to injecting your own HTML into the DOM (though Quickbase recommends you do not do that). My favorite trick is to add <span id="somethingUnique"></span> either in the form builder or a text field with HTML enabled and use that to inject my custom buttons or data.
I have used CKEditor for a few years without really understanding it. I now want to use it to display text which will include HTML, CSS, JavaScript and PHP example code. None of that needs to execute it is just to show the code to others.
Currently I used the textarea replace method to edit content and I need to carry on that way. When I add the content first time it is sanitised (mysqli_real_escape_string) and stored in a MySQL database correctly. It also then displays correctly with the CKEditor markup working as markup and the HTML/PHP showing as a code example. However, when I edit the content a second time the HTML examples become "real" HTML and are no longer visible as examples.
For example this:
<?php echo "hello"; ?>
<p>Hello</p>
is correctly (?) stored as:
<p><?php echo "me"; ?></p>
<p><p>Hello</p></p>
and displays on the page as shown in the first code snippet (which is what I want). When I then hit edit again the code examples vanish into the background as real HTML (part of the page). If I put the code examples in as code snippets (which I would rather not have to do because of the intended users) the result in the editor (second edit) looks like this:
<!--?php echo "me"; ?-->
Hello
I am sure i am missing a basic understanding of what is going on behind the scenes but can anyone explain how to allow users to type in text which includes HTML, CSS, JavaScript, PHP and MySQL code examples which must then appear as examples and not markup (and be editable as examples).
I have played with config.entities and config.protectedSource after some research but they do not seem to be relevant (or to work). Weirdly a couple of times it seemed to work fine and I thought I had cracked it but then stopped with no further changes to the config. That means I now have less idea what I am doing than when I started!
You don't mention which version you are using, but if it's relatively new (4.4+) you can use the Code Snippets plugin that was designed exactly for this. See the demo at http://ckeditor.com/demo#widgets. It might help with the encoding issues too. There's docs on it too.
Th help with the current encoding issue, it would help a LOT if you showed us how you output the data and load it into CKEditor. For example "When I then hit edit again" doesn't really describe anything without context. For example, do you use setData() with AJAX? Do you use an inline editor? Code examples would be the best.
I am using Codeigniter and everything works just fine. I can assign PHP variable to smarty an display them.
But now I am calling a webservice and this webservice returns a complete HTML (and javascript) page.
I want to display this in a smarty template.
So I have done the following:
I have assigned the output of the webservice to a PHP variable and assigned this to a smarty variable (HTMLstring), like I always do. That part works.
In my smarty template I don't need anything but to display the contents of the variable. So my template contains just one line:
{HTMLstring}
But this displays the literal HTML including tags and all. I want to display the output.
(If I copy-paste the output in a separate html file, and open that, it just looks fine)
I 'figured out' the answer.
It appears it makes a difference if I call the template from code or just type the complete url in my browser for testing purposes. The latter didn't work, the former does. I still don't know why. Sorry...
Question closed.
I have a text area in which I am trying to add youtube embed code and other HTML tags. $this->input->post is converting the <iframe> tags to < and > respectively but not the <h1> and <h2> tags.
Any idea how I can store these values?
If you only have a small number of forms that you need to allow iframes in, I would just write a function to restore the iframe (while validating that it's a valid YouTube embed code).
You can also turn off global_xss_filtering in your config (or not implement it if you're using it), but that's not the ideal solution (turning off all of your security to get one thing to work is generally a horrible idea).
$config['global_xss_filtering'] = FALSE;
To see all of the tags that get filtered out, look in the CI_Input class and search for the '$naughty' variable. You'll see a pipe-delimited list (don't change anything in this class).
Why don't you avoid CIs auto sanitizing and use something like htmlspecialchars($_POST['var']); ? Or make a helper function for sanitizing youtube urls...
Or you could either just ask for the video ID code or parse the code from what you are getting.
This would let you use both the URL or the embed code.
Also storing just the ID takes less space in you database, and you could write a helper function to output the embed code/url.
In this case, use $_POST instead of $this->input->post to get the original text area value, and then use HTML Purifier to clean the contents without losing the <iframe> tag you want.
You will need to check HTML Purifier documentation for details. Please, check this specific documentation page about "Embedding YouTube Videos".