Uncharted Waters... for me.

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hello everyone. I have a display problem (go figure), but it may be
complicated. Essentially, I have a textarea that a user types in. While
typing, they can put in paragraphs, line breaks, bullets, etc. They
click save and the data is written to a MySQL database. I then display
their input on a separate page with vbscript. Problem is, no matter
what they have typed it is displayed as one long paragraph. Any ideas
or tutorials on getting over this and displaying their text as they
intended? Thanks.

Re: Uncharted Waters... for me.

Quoted text here. Click to load it

Please note that vbscript will not work in any browser outside of IE.
Unless you're using the script merely as a handler and not as part of the
page output.

Re: Uncharted Waters... for me.

richard wrote:
Quoted text here. Click to load it

I took it that he is talking about VBScript and ASP displaying the
page.  Does mySQL strip the CR-LF?  Did his code to save it strip them?
 My guess is that is what the OP needs to look at.

Re: Uncharted Waters... for me.

1995 Cobra wrote:

Quoted text here. Click to load it

Hopefully that's server-side VBScript under ASP ?

Quoted text here. Click to load it

No, of course not. We can't see your site, you didn't give us a URL to
it. We need this!

In particular we need to see what the returned output is. Clearly it
has lost any sort of <p> tag in the returned HTML. Where did they go?
Did they get converted to &lt;p&gt; ?  Stripped out ?  Never got
generated in the first place, if users simply entered linebreaks?

Quoted text here. Click to load it

Dump VBScript.  If you're using ASP, then learn JScript instead (a
dialect of JavaScript).

See it as two problems. Get a HTML page that works and is styled how
you want it. Then make a JScript program that creates this page. If you
have a display problem (like this), then debug it
_as_a_static_HTML_page_ first.

Be very careful about separating "content" and "sanitised content" and
"content encoded as HTML ready to write to the browser". It's common to
use a naming convention on your variables to make this self-evident.
You don't want to risk "double encoding" errors.

Be very careful about what you let people enter and store in the
database. Can they enter the string "'; DROP TABLE <foo>" ?   Do you
even know why I'm asking ?

Consider throwing it away and downloading something ready-made (almost
any blog). This is _not_ an easy problem to do in a secure and
hacker-proof manner.

Re: Uncharted Waters... for me.

Quoted text here. Click to load it

The problem you are experiencing is the textarea box formats text with, and
reads ASCII formatting codes, which, when pulled from the DB and thrown onto
a web page the browser igonores.

The browser is expecting HTML formatting, without it, the text is just one
big blob, as far as the browser is concerned.

For simple formatting you can code your vbscript to replace chr(10) with
<br> in your output

[ie- myText = Replace(someText, Chr(10), "<br>").]

If you want more than that, you will have to code to replace the ASCII with
HTML on the way into the DB.

Site Timeline