jquery - PHP AJAX call to MySQL database. How to properly escape HTML data returned (json_encode) to page? -


my database contains records included html scripting tags. have read many different options on how handle scenario while using json_encode/ajax.

should use js function escape special characters client side or might there php solution i'm missing?

edit assumption: user not want strip/remove html tags, wants way or suggestion in encoding them either on server or client side!

php (process.php):

 $records = array();   if($results = $db->query("select * cust_tbl")) {      if($results->num_rows) {          while($row = $results->fetch_object()) {              $records[] = $row;          }           echo json_encode($records);           $results->free();      }   }

ajax:

function show() {     clear();     $.ajax({         type: "post",         datatype: "json",         url: "process.php",         data: "action=show",         success: function(data) {             $.each(data, function(index, data) {                 $('#tablebody').append('<tr>');                 $('#tablebody').append('<td>' + data.jl_job_date + '</td>');                 $('#tablebody').append('<td>' + data.jl_yr + '</td>');                 $('#tablebody').append('</tr>');             });         }     }); }

if looking encode html sent: can use htmlentities()

if looking remove html tags , leave text: use strip_tags()

update:

i noticed in $.each have 2 arguments using data for. in $.each typically this:

$.each(data, function() {     //use data.<column name> });

unless need index of data suggest leaving out readability. documentation on $.each can found here.

also, try doing full append @ once.

$.each(data, function() {     $('#tablebody').append( '' +                             '<tr>' +                                 '<td>' + data.<column name> + '</td>' +                                 '<td>' + data.<column name> + '</td>' +                             '</tr>' +                             ''); });

doing way creates new row adds table datas end of table instead of in tr want in.


Comments

Post a Comment

Popular posts from this blog

apache - Remove .php and add trailing slash in url using htaccess not loading css -

i have add following code htaccess file removing .php extension , add trailing slash urls. worked fine reduced page loading speed , css code not loading @ all. pages ugly. please help rewriteengine on rewritebase / ## hide .php extension snippet # externally redirect /dir/foo.php /dir/foo rewritecond %{the_request} ^[a-z]{3,}\s([^.]+)\.php [nc] rewriterule ^ %1/ [r,l] # add trailing slash rewritecond %{request_filename} !-f rewritecond %{request_uri} !/$ rewriterule . %{request_uri}/ [l,r=301] # internally forward /dir/foo /dir/foo.php rewritecond %{request_filename} !-d rewritecond %{request_filename}.php -f rewriterule ^(.*?)/?$ $1.php [l] we can rewrite urls using .htaccess files. before writing in .htaccess files need verify kind of server using. can check server adding a <?php phpinfo(); ?> in php page. ensure mod_rewrite module enabled in apache server. can identified checking phpinfo included page. common methods used url rewriting follows ...
Read more

javascript - jQuery show full size image on click -

pretty self explanatory not workking . i want display full image when user click on image... yes know there tons of plugins but i want keep simple. any idea ? css : .full { display: none; width: 500px; height: 500px; margin-left: 100px; margin-top: -300px; position: fixed; background-color: #f00; z-index: 6; } .thumbnail { width: 50px; height: 50px; } html: <img class="thumbnail" src="http://4.bp.blogspot.com/-uhbdp2esxng/txneptvi92i/aaaaaaaaaky/upfqis7zto0/s1600/rihanna-wallpaper.jpg"> jquery: $(document).ready(function() { $('.thumbnail').on('click', function() { var img = $('<img />',{src:this.src,'class':'full'}); $('.full').html(img).show(); console.log('done!'); }); }); try looking how jquery works. $(document).ready(function() { $('.thumbnail').on('click', function(...
Read more