| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
quoting bug
when i use quotes in a forum message this happens
"this is quoted"
|
|
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
"this is quoted" |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
WTH? it doesnt happen now. somehow in my last post in another thread the quotes were converted to #32432; gibberish. cant reproduce it here by doing exactly the same
BAH =) |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
"when i use quotes in a forum message this happens" |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
grrrr... wth was different in the other post? =D |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
“Allow outsiders to submit entries for your fantastic celebrations held in different parts of the world!” |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
aaaahhha! there. it wasnt regular quotes =)
(pasted from joes post here: http://noname.c64.org/csdb/forums/?roomid=7&topicid=68021#70316 ) |
| |
Devia
Registered: Oct 2004
Posts: 401 |
so is it ok to hi-jack this thread and post lol cats now? |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
only if i get a comic strip from jb !
|
| |
jailbird
Registered: Dec 2001
Posts: 1576 |
Quote: only if i get a comic strip from jb !
Can't do now. Actually have to work. :(
But ontopic, I'd really really really like to see proper unicode support on a site where 50% of the users have obscure international names.
|
| |
booker
Registered: Jul 2003
Posts: 334 |
This may be related to CSDb not supporting other fonts besides typical alphanumerical, no?
So, for instance, if I PM a mate in Polish, instead of Polish fonts, which I can enter into the message, the recipient gets crap like this: rzeźnia. |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
yep, thats exactly it. |
| |
Devia
Registered: Oct 2004
Posts: 401 |
looks polish to me |
| |
jailbird
Registered: Dec 2001
Posts: 1576 |
HTML ISO-8859-1 Reference
So a html_entity_decode would probably fix this. That's in case the special chars aren't intentionally encoded on the presentation layer in the first place. The text was probably encoded to prevent injections to the data access layer, right?
Perff? |
| |
Perff
Administrator
Posts: 1673 |
All text which come from user inputs undergo an html_entities before being displayed again. I guess this is pretty standard?
But this means that '&' is encoded to '&', and therefor stuff like “ isn't displayed af the unicode char but as "“".
If I simply added a html_entity_decode, this would negate the html_entities, and then people can really mess up the site with html-tags etc.
So, what to do? |
| |
chatGPZ
Registered: Dec 2001
Posts: 11293 |
filter all html tags from the input?
or better yet, do nothing and permban whoever messes around with it? =P
|
| |
jailbird
Registered: Dec 2001
Posts: 1576 |
htmlentities, strip_tags and mysql_real_escape_string/addslashes on the string before inserting into database.
- mysql_real_escape_string or addslashes to prevent SQL injection
- strip_tags to strip HTML/PHP tags
- htmlentities for the special chars
... and we're pretty much safe here, right?
Then, a html_entity_decode on the presentation layer. And we'll have international chars finally YEY \o/
I'm guessing that htmlentities is at most intended for mobility between different character encodings and to help presenting html/php code as rendered text on a html page. Still useful as a security layer, though.
Edit: oh, just recalled that CSDb is running on PostgreSQL. So pg_escape_string in this case |
| |
Perff
Administrator
Posts: 1673 |
The database layer is all taken care off, but thanks anyway. ;)
strip_tags? Hm. Isn't that perhaps a bit to much?
I'd still prefer htmlentities over strip_tags, because then things are displayed as they are written in the text-box (except for some special chars that are converted into unicode), and things arn't stripped down as they would with strip_tags. What if someone one day would like to write some example html in a post for some reason? :)
Hm.. Perhaps just some code to escape uni-code things from the evil htmlentities? Should be easy to make.
Edit: Oups.. Accidently made that already. :)
But then it's no longer possible to write "& # 1234" (remove the spaces) |
| |
booker
Registered: Jul 2003
Posts: 334 |
Quote: looks polish to me
Because it has been fixed now. Am I right?
Dziękuję Perff! |
| |
jailbird
Registered: Dec 2001
Posts: 1576 |
Quoting PerffThe database layer is all taken care off, but thanks anyway. ;)
Yeah thought so, just tried to be informative :)
A regular expression for escaping html tags except the code bbcode could also be a solution.
But I see it works perfectly now, you rule, Perff! :D
I could finally write down my name in cyrillic alphabet: Арнолд Чистаи \o/ |
| |
Hein
Registered: Apr 2004
Posts: 939 |
UTF-8 is not an option? :) |
| |
Perff
Administrator
Posts: 1673 |
Damn you!! ;)
As I thought I havn't fixed all places - yet.. But just wait.
Every time you mess something up like this, I'll have to find the missing fix - and fix it!
So I'll have to go to work now.. :) |
| |
Hein
Registered: Apr 2004
Posts: 939 |
Okok, I won't, so you can enjoy your spare time. |
| |
Perff
Administrator
Posts: 1673 |
Ok.
Now I've fixed some of it..
But unless you guys experiment and mess up CSDb, I'll never find the missing places, so don't be shy. :) |
| |
Hein
Registered: Apr 2004
Posts: 939 |
Personally I think it's easier to set the HTML to UTF-8, and let the browser do the work. Then you don't need to do your fixes. |
| |
Perff
Administrator
Posts: 1673 |
Hm? The things I'm fixing to make it work, is to undo what htmlentities does to uni-codes, so that the browser will display them as intended.
I know you should have centralised routines to print text out, but as this site have been developed over 8+ years, this is sadly not the case everywhere.. :)
But perhaps I misunderstood something? |
| |
Hein
Registered: Apr 2004
Posts: 939 |
I understand, had the same issues at work with an old engine we used (spaghetti engine). We decided to keep the whole database/engine Latin-1, and allow users to input their weird char-texts in UTF-8, which got inserted into the latin-1 tabels (as double bytes, no html entities). This to prevent digging through many lines of code to add encoding/decoding. When you fetch out the data, it's displayed correctly again.
Now that I think of it, it may be more work to convert the last 128 chars from the latin-1 charset (which are probably used in your database alot) to their UTF-8 representatives. :/
So it worked for us then, but only because there was no latin-1 (last 128-255 chars) data entered yet. |
| |
booker
Registered: Jul 2003
Posts: 334 |
Quote: Ok.
Now I've fixed some of it..
But unless you guys experiment and mess up CSDb, I'll never find the missing places, so don't be shy. :)
There http://noname.c64.org/csdb/latestforumposts.php Hein's new nick :) |
| |
booker
Registered: Jul 2003
Posts: 334 |
And if we're about quoting bug.
There's this weir behavior, when you press quote button, it:
a) doesn't let you edit the quoting, so you can't ie. delete text you don't refer to
b) don't display the nick of person quoted.
So there, either one uses BB himself [quote="person"] blah blah mlah [/quote] or quoting is sometimes weird :)
|
| |
booker
Registered: Jul 2003
Posts: 334 |
In the oneliner at the frontpage this: ażęółć gives garbage on the second letter from the end.
edit. weird but I tried again and it's fine, except the system entered a space between two last letters.
Other interesting thing is - editing this post gives me back codes instead of Polish letters in the edit box.
|
| |
Perff
Administrator
Posts: 1673 |
About the oneliners, it's because there is put in spaces when a string is too long without spaces, to make it break. I should avoid to put spaces in codes - will think about ways to avoid that.
When you submit a post, the special signs are converted to the & # xxx codes, so that is also what you get when editing the post. Not sure if I can get around that? A problem?
Edit: Fixed the problem when editing posts. Was very simple actually. :) |
| |
doNka
Account closed
Registered: Sep 2009
Posts: 1 |
Cool :) Thankś
/edit/ yeah it works :) |
| |
assiduous
Account closed
Registered: Jun 2007
Posts: 343 |
http://noname.c64.org/csdb/funstuff/stat.php -top 10 voters
http://noname.c64.org/csdb/latestcomments.php |
| |
Devia
Registered: Oct 2004
Posts: 401 |
Quote: Because it has been fixed now. Am I right?
Dziękuję Perff!
Well, it was a joke, which would no longer be a joke when it got fixed ;-)
And I totally agree with booker, that using the QUOTE button, you should be able to edit who and what exactly is quoted.. besides, this quote, quotes another quote, but the first quote is then removed, making it pretty hard to follow the discussion.
When using the QUOTE button, I'd expect that the entire post is quoted, including the quotes it contains.
|
| |
Perff
Administrator
Posts: 1673 |
To change the qoute-thing would require a rather big rewriting of the forum I'm afraid.
But perhaps an alternativ qoute button which uses the BB-code quote instead would be an option? (would take all text from the quoted post, and put the BBcode around it) |
| |
Devia
Registered: Oct 2004
Posts: 401 |
Quoting PerffTo change the qoute-thing would require a rather big rewriting of the forum I'm afraid.
But perhaps an alternativ qoute button which uses the BB-code quote instead would be an option? (would take all text from the quoted post, and put the BBcode around it)
Which would give this result at first... |
| |
Devia
Registered: Oct 2004
Posts: 401 |
Quoting DeviaQuoting PerffTo change the qoute-thing would require a rather big rewriting of the forum I'm afraid.
But perhaps an alternativ qoute button which uses the BB-code quote instead would be an option? (would take all text from the quoted post, and put the BBcode around it)
Which would give this result at first...
And this second? .. whoops.. no BB quote code nesting.. hm |
| |
Perff
Administrator
Posts: 1673 |
Damn. Another bug.. :( Working on it.
But yes - that was the idea. |
| |
Devia
Registered: Oct 2004
Posts: 401 |
But seriously, would it be that much work to simply add the quoted text with BB codes to the "Post:" edit-box thingy? - so you could edit the quoted stuff? - coz that would imho make the best solution.
|
| |
Perff
Administrator
Posts: 1673 |
Nested BBcodes fixed.
@Devia: And perhaps I think we are talking past eachother here, because the thing I think you just sugested, is also what I had in mind!?
You hit the "Quote" button, and get the "Post:" edit-box up, where all the text from the post you have chosen to qoute is already written with a BBcode quote around it? |
| |
Devia
Registered: Oct 2004
Posts: 401 |
Quote: Nested BBcodes fixed.
@Devia: And perhaps I think we are talking past eachother here, because the thing I think you just sugested, is also what I had in mind!?
You hit the "Quote" button, and get the "Post:" edit-box up, where all the text from the post you have chosen to qoute is already written with a BBcode quote around it?
Yes, exactly what I want ;-)
|
| |
booker
Registered: Jul 2003
Posts: 334 |
Quote: To change the qoute-thing would require a rather big rewriting of the forum I'm afraid.
But perhaps an alternativ qoute button which uses the BB-code quote instead would be an option? (would take all text from the quoted post, and put the BBcode around it)
Yeah. An extra alternative quote, or just replacing the current one with the new "BB wrapping+nick wrapping" feature :)
That way or another it's amazing you did all this stuff yourself, Perff 8-) Hardcore! |
| |
booker
Registered: Jul 2003
Posts: 334 |
Quoting Person1Quoting Person2blabla
mlah
Shwosh whoh
Hmm, how about different bckg color for the nested quotes instead of grey txt formated ike that? There can be just as simple as two colors, swapping between nested quotes.
The txt of both persons are italic they don't seem to look much clear. Not to mention what happens when there's more of them :)
Quoting Person1Quoting Person2Quoting Person3I am person 3
Hmm, how about different bckg color for the nested quotes instead of grey txt formated ike that? There can be just as simple as two colors, swapping between nested quotes.
I am person 2
Hmm, how about different bckg color for the nested quotes instead of grey txt formated ike that? There can be just as simple as two colors, swapping between nested quotes.
I am person 1
The txt of both persons are italic they don't seem to look much clear. Not to mention what happens when there's more of them :)
With different swapping bckg color for nested quotes that can get much clearier. |
| |
Perff
Administrator
Posts: 1673 |
Hm. Everytime I make one feature or fix, you right away come up with some new demands! ;)
Anyway, I've made a beta-version of the new qoute-feature. It's not directly available yet, but you can test it by hitting the normal quote-button, and change the url from
...&kvoutid=... to ...&kvoutid2=...
:) |
| |
booker
Registered: Jul 2003
Posts: 334 |
Quoting PerffHm. Everytime I make one feature or fix, you right away come up with some new demands! ;)
Bunch of nerds we are! :D
Quoting Perff
Anyway, I've made a beta-version of the new qoute-feature. It's not directly available yet, but you can test it by hitting the normal quote-button, and change the url from
...&kvoutid=... to ...&kvoutid2=...
:)
This is cool. Probably another button would be best. |
