I have a jsp with a textarea field. The user can enter any text inside that . The problem here is when the user enters any html tags inside that ,then the format of the output is changed .So I want to restrict the user / remove the html tags inside the textarea .
Created May 7, 2012
cem tekin hi there,
nice to see people thinking in similar ways. my solution to the problem was to write a class that handles the text when retrieving from the database.
the input for textarea is inserted with a special formatting and the class checks for this special formatting - which is #<#textarea#># and #</#textarea#># - and cleans the tags for use in html. obvoiusly the way the tag stored in the db is not changed.
here's the class:
public class TagFormatter { public String formatString(String theString) { String mainString = theString; int startOTag = -1; int endOTag = -1; int startCTag = -1; int endCTag = -1; int lastTag = -1; int length = mainString.length(); String newString = ""; startOTag = mainString.indexOf("#<#"); if(startOTag > 0) { lastTag = mainString.lastIndexOf("#>#"); endOTag = mainString.indexOf("#>#"); startCTag = mainString.indexOf("#</#", endOTag); endCTag = mainString.indexOf("#>#", startCTag); newString = mainString.substring(0, startOTag); newString = newString + "<" + mainString.substring(startOTag + 3, endOTag) + ">"; newString = newString + mainString.substring(endOTag + 3, startCTag); newString = newString + "</" + mainString.substring(startCTag + 4, endCTag) + ">"; while(endCTag < lastTag) { startOTag = mainString.indexOf("#<#", endCTag); endOTag = mainString.indexOf("#>#", startOTag); newString = newString + mainString.substring(endCTag + 3, startOTag); newString = newString + "<" + mainString.substring(startOTag + 3, endOTag) + ">"; startCTag = mainString.indexOf("#</#", endOTag); endCTag = mainString.indexOf("#>#", startCTag); newString = newString + mainString.substring(endOTag + 3, startCTag); newString = newString + "</" + mainString.substring(startCTag + 4, endCTag) + ">"; } newString = newString + mainString.substring(endCTag + 3); return newString; } else { return mainString; } } }now, you can reengineer this class and forbid the textarea entry.
hope this helps.
cem.