I have a form with a text field that users input text into. They can use multiple lines, put in bold text, underlined text, etc., but the text, when saved to SQL Server doesn't have any formatting saved, just the text is saved. What is the best way to save the text with the HTML so that when it gets viewed by another user and pulled up from Sql Server the HTML is saved and the formatting is saved?
Ex.
hello
Paul
This would be saved as
helloPaul
you can't see it but there are bold and carriage return html tags rapped around the text
When receiving data from the user, on the server side code, use HTML encode to safely store the data:
var inputData = Server.HtmlEncode("<strong>some data input from user</strong>"); //insert your user input data variable here
Then when displaying the data in your cshtml page, decode the data to display it as the user entered it:
HttpUtility.HtmlDecode(saveUserDataFromDatabaseVariable);
All this is assuming you have a rich text editor being plugged into the input field. CKEditor and TinyMCE are good ones.
You can use a text editor. Take a look at CKEditor. It's free and easy to use :)
Can you post some code and more details?
I have had good success with CKEditor. It is customizable, and its content can easily be saved via postback to a standard asp:TextBox.
It is possible that the editor you are using is not actually updating the input/textarea that you are using, it may be cloning the text and drawing the formatting in an overlay. You can use developer tools, or javascript, to verify this by checking the value property of the input or textarea element. If it is being saved via AJAX or javascript the code may be using the textContent or innerText properties instead of innerHTML.
I used the richtexteditor dll that's free online. it gave me a wiziwig box that the user can edit texxt in.
Related
We currently use wysihtml5-rails to let our users edit emails before they are sent but this is not working out so well for a few reasons.
I need the comments to allow for Outlook specific comments like these . All comments are being removed, currently.
I also need the CSS classes to be untouched as the editor content will be a pre-generated email that includes CSS classes. Our editor will only keep classes that are whitelisted but this is annoying as we need to update that list with every change.
Same goes for inline styles. Some of the styles in the generated email are inline instead of in classes. Those need to be kept but they are being removed.
Is there any way I can get our editor to work this way?
I found a solution but it's hacky.
I realized that the raw HTML was being stored on the page in a hidden textarea tag. Interestingly, all the elements that I needed (CSS classes, comments) were still there. But when submitting the form, the value of this textarea was replaced with the parsed results from the editor which gets sent to the server. All the comments and classes are gone from this text.
The solution was then to create a second field that takes the unparsed value from the WYSIWYG editor and sends that along. Easy in rails but just making this new field part of a form. Then the controller can choose which value to take. In my case, I renamed the existing message field to parsed_message. Then added a new message field which will hold the unparsed message.
The WYSIWYG editor we are using allows this by having a method that can be called at any time: window.email_editor.getValue(). Here the email_editor is the editor instantiated by the javascript on the page.
I have an html form that I want to force to convert whatever content it receives to plain text before sending it to my server (kind of similar to what happens in a simple text editor like OS-X TextEdit: where we can convert to PlainText whatever RichText formatted content). How do I do that? I don't really care where the user sees in the TextAreas, etc. I specifically want the text that arrives on the server to have been converted to PlainText.
It can be done using Jsoup.
Here is a sample code snippet:
public static String html2text(String html) {
return Jsoup.parse(html).text();
}
I can create my content fine using tinymce , it also uploads correctly to the database. here is an example of what stores in the database.
<p>Content goes in here</p>
When I choose to edit this it converts my p tags in the database to <p>
and then wraps the content in another set of p tags.
in source code of tinymce it looks like this
<p><p>this is a test message</p></p>
How do I stop this ?
as I just want it to render exactly as it is in the database.
I want to still store correct html tags in my database but I do not want tinymce to keep stripping/converting them.
Thanks in advance for your help.
Adam
Are you looking for somethink like that
tinymce.init({
...
entity_encoding : "raw"
});
tinymce encode the content before passing it to the server and hence the content is stored as: <p>This is text;/p> but the html tage are still passed like <p><p>This is text;/p></p>
While saving it to the database encode the values so that the html/xml tags are stored encoded. Like; Server.HtmlEncode(_propertyShopAdvertDetails.MarketingInformation);
and similarly while retrieving and displaying in the tinymce control the vaue needs to be decoded;
Server.HtmlDecode(_propertyShopAdvertDetails.MarketingInformation);
while retrieving the content and displaying it in the control, it decodes it and displays it correctly. Since it is displaying the content fine so I believe you have the right class on the control and used the correct mode for the plugin.
Now if you want to display the content in an HTML page and not inside tinymce control the you need to decode it. Something like: #Html.Raw(System.Web.HttpUtility.HtmlDecode(Model.PropertyFullDescription))
I have a super simple MS Access form with two fields to collect some data quickly, one of which is a memo data type, wired into a table field. I want to copy some formatted text from HTML into it and would like to preserve the formatting (bolding, fonts, italic, etc.). However, when I do Ctrl-C --> Ctrl-V, it only pastes unformatted plain text.
Is there any way I can configure my form field to accept and save formatted text? If I paste the same into MS Word, the formatting IS preserved.
You will have to open the 'source' of the HTML file, and only then copy+paste.
From the browser, you'll just see the HTML output.. and some apps, like Notepad, won't be able to store the data through a simple copy+paste. MS Word can do it, as you might already know, since it is a rich-text editor.
As for a field in MS Access, you can only preserve the formatting if you copy the source itself. It will help if you let us know which browser you are copying from, though normally, there is an option to view the source code of the page being viewed.
[edit:in response to comment]
If you want rich text to enter into an ms access field, try the first few steps here: http://office.microsoft.com/en-001/access-help/insert-or-add-a-rich-text-field-HA010014097.aspx
I have a web page with a read-only text box which shows some HTML code:
<input type="text" readonly="true" value="<table>...</table>"/>
There is also submit button, which causes page post back and XSS validation to trigger. I don't want to turn off XSS.
I also tried disabled="disabled", but then the user is not able to copy the text in the text box.
So I thought that using div and span which can give same look and feel would suffice and negate the need for turning off the validation. While trying this, I am struggling to restrict the string in one line. As in text box, it is a single row with column size and text is shown nicely, we can also copy text.
Is there a better solution for what I'm trying to do?
If I understand you correctly you're trying to show some example code in a web interface that is formatted for easy consumption by the end user.
As a general rule, you should wrap code snippets in <pre></pre> tags, I would then suggest having a go at using: http://alexgorbatchev.com/wiki/SyntaxHighlighter to format the code as if you were viewing in an IDE.
This will prevent you from having to turn of the XSS checker.
you could use <pre> tags
check this link