I have an HTML table that displays information from a database, and one of the database fields contains a parameter list such as:
id=eff34-435-567rt-65u¬ification=5
But when I display this in the table the ¬ becomes ¬
I know that you can manually force it to print the right way by using
&not
But I would really rather be able to just use something to force the HTML to ignore the code so I can just pull the text straight from the database and print it to the table without having to do a regex to find out if there are any & and replace them with & I tried using the <pre> tag but that did not work.
Is there any way to force the HTML to print exactly what is typed for that specific td field?
Nothing practical (CDATA doesn't have browser support in text/html mode). Write proper HTML instead.
You should be running anything that comes out of the database through a conversion function to make it HTML safe anyway (to protect against XSS if nothing else). PHP has htmlspecialchars(), TT has | html. Whatever you are using should have something other then a regex.
& is the correct HTML encoding for the &. You will need to write the &not for it to display correctly.
If you're pulling from a database, you can use whatever programming language that is available to you to decode HTML entities for you.
For example, in PHP, you could use htmlentities or htmlspecialchars.
Try using htmlspecialchars().
most frameworks have HTML Encode functions.
in JavaScript: encode
in C# .NET: HttpServerUtility.HtmlEncode
Just run an HTMLEncode on the string before outputting it. Every server-side scripting language I know of has a built in command to do this. Not to mention that you are eventually going to run into another character that causes problems too.
ASP.NET: HttpServerUtility.HtmlEncode
PHP: htmlentities
Regex should definitely NOT be necessary.