You can use markdown with HTML only in the browser, but you do need to have a markdown parser on the server to process it into HTML. If you want a rich-text editor like TinyMCE, then I'm not aware of any that don't use JavaScript I'm afraid.
@@dave-hollingworth in my application the posted data would be stored and then presented as a blog. I want to give the user some ability to script without allowing them to return any session variables or information about the host.
@@BlueDolphinBlues I'd be hesitant about giving the user script abilities - you'd have to parse the code to make sure there wasn't anything unexpected in there, which I think would be very difficult to make sure it was safe. I'm not aware of any parsers like the HTML one that allow you to strip code from PHP code. Alternatively, you could use a templating engine like Twig or something like Markdown that allow additional functionality but don't expose PHP to the user.
Always looking for video ideas - please could you be a bit more specific? I tend to prefer videos that explain a single topic, so for example "how to send notifications using SMS" for example. If you can suggest simple topics like that I'll be happy to consider a video on it! Thanks
Hey Dave thank you for the video. Quick question that’s bugging me, what’s the difference between htmlspecialchars(), htmlentities and the html purifier you’ve used? Future video ideas: I’m not sure if you have any small crud app in your playlist ( binge watching it rn). For example: “ Hotel booking system, car rental crud app or restaurant online ordering ) simple page with just a table, search form and a picture to explain how crud works. The secrete being “real life application”. That sort of videos appeal to many different audience.
Basically htmlspecialchars is for when you want to escape something to display it in HTML. HTML purifier is used to remove unwanted tags and attributes completely. There's a good description here: learnwebtutorials.com/difference-between-htmlentities-and-htmlspecialchars-in-php I don't have a CRUD series right now but that's a good idea, I'll make a note of it!
Hi Dave!, im using twig and i notice that automatically resolve the issue with the HTML special chars, (with the | raw) incidator actived, however if i change the style attribute directly in the strong tag, it doesn't purify and appears red, my question is, how can i use the purifier library with twig, of it exists some solution with the twig templates?
You are born to be a teacher 🙏
Straight to the point. Very impressive. Thanks for sharing
Thank you a million times over!!
Thank you very much for this video ! It's cristal clear !
thank you, this was very easy to understand
Thanks alot sir you really deserve 1m+ subs
Thank you very much boss.
This is awesome omg
I was searching for adding this feature , thank you so much , Cant i add it using html and css only ? For adding it in an onion service ?
You can use markdown with HTML only in the browser, but you do need to have a markdown parser on the server to process it into HTML. If you want a rich-text editor like TinyMCE, then I'm not aware of any that don't use JavaScript I'm afraid.
@@dave-hollingworth thank you brilliant
love this! most relaxed tutorial ever :D
Thank you very much
Thanks, this is very helpful. What about stripping php?
Any PHP code wouldn't be executed as it would be sent to the browser - you could strip it using a regular expression though if you wanted
@@dave-hollingworth in my application the posted data would be stored and then presented as a blog. I want to give the user some ability to script without allowing them to return any session variables or information about the host.
@@BlueDolphinBlues I'd be hesitant about giving the user script abilities - you'd have to parse the code to make sure there wasn't anything unexpected in there, which I think would be very difficult to make sure it was safe. I'm not aware of any parsers like the HTML one that allow you to strip code from PHP code. Alternatively, you could use a templating engine like Twig or something like Markdown that allow additional functionality but don't expose PHP to the user.
@@dave-hollingworth I completely agree.
Sir create a video on.. medication tracker and notification on given timeframe with php...
Always looking for video ideas - please could you be a bit more specific? I tend to prefer videos that explain a single topic, so for example "how to send notifications using SMS" for example. If you can suggest simple topics like that I'll be happy to consider a video on it! Thanks
Hey Dave thank you for the video. Quick question that’s bugging me, what’s the difference between htmlspecialchars(), htmlentities and the html purifier you’ve used?
Future video ideas: I’m not sure if you have any small crud app in your playlist ( binge watching it rn).
For example: “ Hotel booking system, car rental crud app or restaurant online ordering ) simple page with just a table, search form and a picture to explain how crud works. The secrete being “real life application”. That sort of videos appeal to many different audience.
Basically htmlspecialchars is for when you want to escape something to display it in HTML. HTML purifier is used to remove unwanted tags and attributes completely. There's a good description here: learnwebtutorials.com/difference-between-htmlentities-and-htmlspecialchars-in-php
I don't have a CRUD series right now but that's a good idea, I'll make a note of it!
Nice one 👌
Hi Dave!, im using twig and i notice that automatically resolve the issue with the HTML special chars, (with the | raw) incidator actived, however if i change the style attribute directly in the strong tag, it doesn't purify and appears red, my question is, how can i use the purifier library with twig, of it exists some solution with the twig templates?
There's a package here that might help: github.com/Exercise/HTMLPurifierBundle
Why composer ???
Composer is the easiest way to install third-party packages and their dependencies into a PHP project