html-entities

I'm trying to read the content of a contentEditable div and extract the currently active word. ie. the word which was just entered or one which was modified. My initial approach was: get string as innerHTML get cursor position using a function (now I can find the word that was modified) read backwards till a space is found (character by character comparison) extract the word from the point of space found. But the problem is that the browser sometimes converts the spaces to   and sometimes doesn't (There is no problem if there is only one space). Then I decided to using a second loop to

I am parsing some data from feedburner of which contains HTML entities. I am trying to encode the HTML entities using jQuery as such: var encodedStr = data['1']['result']['content']; // content with HTML entities $("#content").html(encodedStr).text(); but with no results. Here is what its parsed: http://jsbin.com/ihadam/1/edit Basically you should encode your html entities into html as such: var encodedStr = data['1']['result']['content']; var a = $("#content").html(encodedStr).text(); Then get the encoded text and apply it as html() as such: $("#content").html(a); That should work. Demo: http

I am very confused over something and was wondering if someone could explain. In PHP i validate user input so htmlentitiies, mysql_real_escape_string is used before inserting into database, not on everything as i do prefer to use regular expressions when i can although i find them hard to work with. Now obviously i will use mysql_real_escape_string as the data is going into the database but not sure should i be using htmlentities() only when getting data from database and displaying it on a webpage as doing so before hand is altering the data entered by a person which is not keeping it's

I'm using FreeTextBox editor to get some HTML created by users. The problem with this is this editor is not converting special chars in HTML entities at exception of "<>". I cannot use theHTML = Server.HtmlEncode(theHTML) , because it converts all the HTML including tags and parameters, and I don't want to create an unfinishable list of theHTML.Replace lines. Is there any other function or method available to convert to html entities but only outside tags? If you've got a mixture of < meaning start a tag and < meaning a literal less-than sign, you can't possibly tell which is ‘a tag’ to ignore

Ok, this subject is a hotbed I understand that. I also understand that this situation is dependent on what you are using as code. I have three situations that need to be resolved. I have a form in where we need to allow people to make comments and statements that use commas, tildes, etc... but still remain safe from attacks. I have people entering in dates like this: 10/13/11 mm/dd/yy in English, can this be sanitized? How do I understand how to use htmlspecialchars() , htmlentities() and real_escape_string() correctly? I've read the php.net site and some posts here but this seems to me to be

I have this as my menu bar for the site when viewed on tablet: The menu icon on the right shows other options when clicked. The code is <div id="menu"> <a id="metaMenu" href="#">☰</a> </div> But I saw on Twitter that the entity (or it may have been the corresponding Unicode characters) is not supported in some Android phones. How can I modify my HTML to have a fallback? Image is a wrong way to go about this - as is an entity, in my opinion. As this one is not well supported at all. No Android, renders weird on Windows Chrome, Internet Explorer, etc. Go the CSS3 route. This is supported by