CKEditor 4
Sun, 02/07/2010 - 01:40
#1
cuzzmunger
cuzzmunger's picture
Joined: 07/02/2010
Posts: 7

ckeditor is rendering code to the page

Hi all,

I have implemented the editor in my admin/edit page and when editing it works fine I can insert pics & change text to bold or whatever, but when I submit it & go to the page I edited all it gives me is code.

Im very new to php & desperatley need some help.

here is what I get if I type hello & colour it red 16pt & make it bold

eg.
<p>
<span style="color: #f00"><span style="font-size: 16px"><strong><br />
Hello</strong></span></span></p>
Top
Wed, 02/17/2010 - 14:29
zjerryj
zjerryj's picture
Joined: 17/02/2010
Posts: 5

Re: ckeditor is rendering code to the page

Check the source code of the edited page, is "<" represented by "&lt;"? If it is, it means you have probably applied htmlencode() function to the output HTML, which will turn all special characters like <, >, & to html entities. Also check the database, for you may have used the htmlencode() function when saving the data.
Top
Wed, 02/17/2010 - 23:06
cuzzmunger
cuzzmunger's picture
Joined: 07/02/2010
Posts: 7

Re: ckeditor is rendering code to the page



































































































































































































































Top
Thu, 02/18/2010 - 08:34
zjerryj
zjerryj's picture
Joined: 17/02/2010
Posts: 5

Re: ckeditor is rendering code to the page

When reading the data, apply html_entity_decode() function to it.
e.g. in edit page: Change $editor1 = $row["editor1"]; to $editor1 = html_entity_decode($row["editor1"]);

Could you also paste the source code of page_edit_parse.php? I think you have applied htmlentities() function (Not htmlencode() I metioned above. I was wrong) to the submitted data before updating the database. If you have, just remove the htmlentities() function and then no more modification need to be made.
Top
Thu, 02/18/2010 - 09:40
cuzzmunger
cuzzmunger's picture
Joined: 07/02/2010
Posts: 7

Re: ckeditor is rendering code to the page

thanks heaps for your reply... here is the edit parse

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$pid = $_POST['pid'];
$pagetitle = $_POST['pagetitle'];
$linklabel = $_POST['linklabel'];
$editor1 = $_POST['editor1'];
// Filter Function -------------------------------------------------------------------
function filterFunction ($var) {
$var = nl2br(htmlspecialchars($var));
$var = eregi_replace("'", "&#39;", $var);
$var = eregi_replace("`", "&#39;", $var);
return $var;
}
$pagetitle = filterFunction($pagetitle);
$linklabel = filterFunction($linklabel);
$editor1 = filterFunction($editor1);
// End Filter Function --------------------------------------------------------------
include_once "../scripts/connect_to_mysql.php";
// Add the updated info into the database table
$query = mysqli_query($myConnection, "UPDATE pages SET pagetitle='$pagetitle', linklabel='$linklabel', editor1='$editor1', lastmodified='now()' WHERE id='$pid'") or die (mysqli_error($myConnection));

echo 'Operation Completed Successfully! <br /><br /><a href="index.php">Click Here</a>';
exit();
?>
Top
Thu, 02/18/2010 - 10:02
zjerryj
zjerryj's picture
Joined: 17/02/2010
Posts: 5

Re: ckeditor is rendering code to the page

Change $editor1 = filterFunction($editor1); to $editor1 = mysqli_real_escape_string($editor1);
Because filterFunction() applies htmlspecialchars() (similar to htmlentities()) to the data, which will convert <, >, ' to html entities. Remove it and problem will be solved. In additon, you should apply mysqli_real_escape_string() to the data so as to prevent SQL injection.
Top
Thu, 02/18/2010 - 10:11
cuzzmunger
cuzzmunger's picture
Joined: 07/02/2010
Posts: 7

Re: ckeditor is rendering code to the page

hi thanks again,

Now when I update I just get a blank page?

this is what I changed it to
<?php
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$pid = $_POST['pid'];
$pagetitle = $_POST['pagetitle'];
$linklabel = $_POST['linklabel'];
$editor1 = $_POST['editor1'];
// Filter Function -------------------------------------------------------------------
function filterFunction ($var) {
$var = nl2br(htmlspecialchars($var));
$var = eregi_replace("'", "&#39;", $var);
$var = eregi_replace("`", "&#39;", $var);
return $var;
}
$pagetitle = filterFunction($pagetitle);
$linklabel = filterFunction($linklabel);
$editor1 = mysqli_real_escape_string($editor1);
// End Filter Function --------------------------------------------------------------
include_once "../scripts/connect_to_mysql.php";
// Add the updated info into the database table
$query = mysqli_query($myConnection, "UPDATE pages SET pagetitle='$pagetitle', linklabel='$linklabel', editor1='$editor1', lastmodified='now()' WHERE id='$pid'") or die (mysqli_error($myConnection));

echo 'Operation Completed Successfully! <br /><br /><a href="index.php">Click Here</a>';
exit();
?>
Top
Thu, 02/18/2010 - 11:49
zjerryj
zjerryj's picture
Joined: 17/02/2010
Posts: 5

Re: ckeditor is rendering code to the page

I check the manual, and it should be this:
$editor1 = mysqli_real_escape_string($myConnection, $editor1);
Sorry, I'm not very familiar with mysqli.
Top
Thu, 02/18/2010 - 21:53
cuzzmunger
cuzzmunger's picture
Joined: 07/02/2010
Posts: 7

Re: ckeditor is rendering code to the page

thanks again but its still blank now, I have tried a few things but still no luck....

I could email the files to you if you wanted....Im so stuck
Top
Twitter Facebook Facebook Instagram Medium Linkedin GitHub Arrow down Phone Menu Close icon Check