Databases
StackOverflow2013
Postsdbo
POJavascript split method: special characters
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POJavascript split method: special characters
    primarykey
    data
    text
    <p>I made a little chat into my site. I want the user to be able to do this: When he types some special characters such as <code>:P</code>, an icon will be shown I do this with this code:</p> <pre><code>chat_icons=new Array(); $(".chat_icons img").each(function(index){ chat_icons[index]=$(this).attr("title"); }); $.each(chat_icons, function(index, value) { var msg_array=new Array(); msg_array=message.split(value); message=""; for(j=0;j&lt;msg_array.length;j++){ message+=msg_array[j]; url=index+1; img_msg="&lt;img src=\"/apps/chat/icons/"+url+".png\" title=\""+value+"\" /&gt;"; message+=img_msg; }; message=message.substr(0,message.length-img_msg.length); }); </code></pre> <p>This code works pretty well. The second thing I want to do is when a chat user types a YouTube url a link will be shown. I try to do this with this:</p> <pre><code>msg_array=new Array(); msg_array=message.split("http://www.youtube.com/watch"); message=""; for(j=0;j&lt;msg_array.length;j++){ if(j / 2==0){ message+=msg_array[j]; } else { youtube_array=new Array(); youtube_array=msg_array[j].split(" "); message+="&lt;a href=\"http://www.youtube.com/watch"+youtube_array[0]+"\" target=\"_blank\"&gt;http://www.youtube.com/watch"+youtube_array[0]+"&lt;/a&gt; "; for(k=1;k&lt;youtube_array.length;k++){ message+=youtube_array[k]+" "; } } } </code></pre> <p>This code gives me the following results:</p> <pre><code>http:/ /www. youtube.com/ watch?v=some_id --&gt;works http:/ /www. youtube.com /watch?v=some_id chat text chat text http://www.youtube.com/watch?v=some_id ---&gt; works http:/ /www. youtube.com/ watch?v=some_id&amp;feature=something --&gt;don't work http:/ /www. youtube.com/ watch?v=some_id&amp;feature=something anything else --&gt; doesn't work </code></pre> <p>The last 2 examples gives me this code <code>&lt;a href="http:/ /www. youtube.com/watch?v=some_id"&gt;http:/ /www.youtube.com /watch?v=some_id&lt;/a&gt;</code></p> <p>So I have problems with special characters. How can I solve this problem?</p> <p>The last thing I want to ask is that I don't want the user do JavaScript/HTML injection. The only ways I want are the two I said above. Example: if a user types <code>&lt;/body&gt;</code> then I can't see it because I use <code>$(".message").html(...)</code>.</p> <p>If I use <code>.text()</code> I solve the last problem but I can't see images and youtube links.</p> <p>I cut <code>youtube_url</code> because the system believes that I am a spammer.</p> <p>jsfiddle code: <a href="http://jsfiddle.net/Fb9kA/1/" rel="nofollow">http://jsfiddle.net/Fb9kA/1/</a> </p> <p>The <code>&amp;</code> character of the YouTube url is confused with <code>data: "name="+$(".chat_username").val()+"&amp;message="+$(".chat_text").val(),</code> </p> <p>I fixed it to this: <code>data: "name="+escape($(".chat_username").val())+"&amp;message="+escape($(".chat_text").val()),</code> </p>
    singulars
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PTQuestion
    1. USRashmin Javiya
    1. USChris P
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. COFirst thing I thought of when I saw this question was "javascript injection". If you only want YouTube links, just grab the whole URL, strip it to its component parts, and replace it with youtube.com/watch?v=id and ignore the rest. IMHO.
      singulars
      1. POJavascript split method: special characters
      1. USMatt H
    2. COno i don't want these..a user should type: Wow watch this funny video http://www.youtube.com....
      singulars
      1. POJavascript split method: special characters
      1. USChris P
    3. COfor the second problem (html/javascript injection), i want something like `.text()` method for variables!!
      singulars
      1. POJavascript split method: special characters
      1. USChris P
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload