PHP CKEDITOR - cannot modify data


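I am trying to get the editor working. The editor appears and shows the textarea content, but on submit the form does not submit the text in the editor.

Relevant code:

    <body onload="load_ck_editor();">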

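There are a lot of problems here, the least obvious of which is the SQL injection problem. But I assume you have a tag somewhere, and that you are submitting that tag rather than the CKE content. See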

    // Open the edit form; the listing id is cast to an integer before it is echoed
    echo '<form action="' . URL . '/admin/editlistings.php?id=' . intval($_GET['id']) . '" method="POST" name="form">

    <table width="100%" cellpadding="5" cellspacing="0" border="0">';

    // Load CKEditor and replace the "description" field when the page loads
    echo '
        <script type="text/javascript" src="' . URL . '/includes/ckeditor/ckeditor.js"></script>
        <script type="text/javascript">
        function load_ck_editor() {
        document.form.description.value = document.form.description.value.replace(/\n/g,"<br>");
        CKEDITOR.basePath = "' . URL . '/includes/ckeditor/";
        CKEDITOR.config.MaxLength = 99999;
        CKEDITOR.config.width = "600";
        CKEDITOR.config.height = "350";
        CKEDITOR.replace("description");
        CKEDITOR.instances.description.setData( \''.str_replace('"', '\"', stripslashes($form['description'])).'\' );
        }
        </script>';

    // If the Submit button was pressed we start this routine
    if (isset($_POST['submit_listing']) && $_POST['submit_listing'] == $lang['Listing_Submit']) {
        $form = array();
        // safehtml() all the POST variables to insert into the database
        // or print the form again if errors found
        $form = array_map('safehtml', $_POST);
        // Cut the description size to the one set in the configuration
        // just in case JavaScript is disabled in the user's browser
        $form['description'] = substr($form['description'], 0, $conf['listing_description_size']);

        // Create a mysql query (the values are concatenated directly into the SQL string)
        $sql = 'UPDATE ' . PROPERTIES_TABLE . ' SET description = "' . $form['description'] . '" WHERE id = "' . intval($_GET['id']) . '"';

        $db->query($sql) or error('Critical Error', mysql_error());
    }
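
The answer flags SQL injection, and the UPDATE above is built by concatenating `$form['description']` into the query text. As an added example (not part of the original post), the same update written with a PDO prepared statement; the PDO handle, the `properties` table name, the `update_description()` helper and the in-memory SQLite demo data are assumptions standing in for the page's `$db` wrapper and `PROPERTIES_TABLE`.

```php
<?php
// Added example, not the poster's code: the description UPDATE with bound
// parameters instead of string concatenation.
// Assumptions: PDO replaces the page's $db wrapper; "properties" stands in
// for PROPERTIES_TABLE; update_description() is a hypothetical helper.

function update_description(PDO $pdo, int $id, string $description, int $maxLen): int
{
    // Enforce the size limit server-side, on character boundaries
    // (requires the mbstring extension).
    $description = mb_substr($description, 0, $maxLen, 'UTF-8');

    // Placeholders keep both values out of the SQL text, so quotes in the
    // editor's HTML are stored as data and cannot change the statement.
    $stmt = $pdo->prepare(
        'UPDATE properties SET description = :description WHERE id = :id'
    );
    $stmt->bindValue(':description', $description, PDO::PARAM_STR);
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();

    return $stmt->rowCount(); // number of rows actually updated
}

// Constructed demo data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE properties (id INTEGER PRIMARY KEY, title TEXT, description TEXT)');
$pdo->exec("INSERT INTO properties (id, title, description)
            VALUES (1, 'Flat A', 'old'), (2, 'Flat B', 'old')");

// Constructed input: editor HTML containing both kinds of quote character.
$input = '<p class="intro">It\'s a 2" pipe</p>';
$changed = update_description($pdo, 1, $input, 99999);

$row1 = $pdo->query('SELECT description FROM properties WHERE id = 1')->fetchColumn();
$row2 = $pdo->query('SELECT description FROM properties WHERE id = 2')->fetchColumn();

echo "rows changed: $changed\n";
echo "row 1 stored verbatim: " . var_export($row1 === $input, true) . "\n";
echo "row 2 untouched: " . var_export($row2 === 'old', true) . "\n";
```

Escaping for HTML output is a separate step from this: it belongs where the stored description is rendered back into a page, not in the query.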