I'm working on a site where users have the option to type HTML code into a textarea, or upload HTML code from a local file which is then displayed in the text area.
The obvious problem is that an uploaded file that contains a closing tag for a textarea can wreak havoc and eat up the rest of the page. So, in order to get it to display properly, I called htmlspecialchars() on the string and that works fine.
After any editing has been done, I can convert the text back using html_entity_decode(). This seems to be a decent solution to the problem.
However, if the user has included htmlentities in their code, won't these get converted when I call the decode function? Even something simple like using a '<' symbol for a little arrow. This would need to remain a '<' and not get converted when html_entity_decode() is called.
Anybody dealt with something along these lines before or have some idea of a good solution?
Thanks- Thaddeus
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
