Variables need html entities replaced? 1

[Leozack]

When I look at variables that contain characters you'd escape like apostrophies etc, they come out in a textbox as html entities, eg &pos; and I've tried things I can think of from other languages like unescape() or stripslashes() but I dunno AS well enough to know what function to convert them back. What is it? x.x I tried saying .htmltext on the textbox instead of just .text but that didn't help either. Can't find anything saying what to use anywhere :/

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[kennethkawamoto]

Unescape function in AS is unescape().

When you set htmlText you have to set html to true as well.

Kenneth Kawamoto

http://www.materiaprima.co.uk

 

[Leozack]

So it is - but the reason this wasn't working is the content isn't escape()'d text. It's raw text from an xml import. And it's showing up like "isn&pos;t this great".

Using html boxes can get round this it seems but leaves you open to html issues. Isn't there a conversion function for imported raw text to turn the full ascii substitude codes back? Or will I have to write one

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[kennethkawamoto]

What's wrong with htmlText?

Kenneth Kawamoto

http://www.materiaprima.co.uk

 

[Leozack]

I assume it will render any html in the raw text? which might be undesirable? I'm used to having to make sure such things don't get rendered to the browser to avoid exploits but in flash maybe it's ok?

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[kennethkawamoto]

Sorry what is "such things"???

Kenneth Kawamoto

http://www.materiaprima.co.uk

 

[Leozack]

ie if the text has html code eg <b><u>bold and underlined</u></b> then it will be rendered as such, and potentially other things like alerts or html actions could be carried out? I don't know exactly how flash would behave, but I don't want to be vulnerable by having it pass any html someone has loaded through the xml?
Gotta dash to a meeting now but I'd like to know what you think

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[kennethkawamoto]

Yes <b> and <u> will be rendered as such, and you can call JavaScript functions via <a>. If you do not want that, then you can do the following hack:

1. set TextField.htmlText
2. set TextField.text to TextField.text

All URL escaped characters should go back unescaped.

Kenneth Kawamoto

http://www.materiaprima.co.uk

 

[Leozack]

You're spot on with this hack. I hope it doesn't get "fixed" sometime or it'll cripple everything

info_txt.htmlText = imageNode.firstChild.firstChild;
info_txt.text = info_txt.text;

I found this works also and might be a safer bet since it won't ever get "fixed"?

info_txt.htmlText = imageNode.firstChild.firstChild;
info_txt.htmlText = unescape(escape(info_txt.htmlText));

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[Leozack]

Correction - nothing except the hack you mentioned works out since basically it takes the htmlText box to retreive the normal text as its text contents thus anything else can = that.text and it will be ok, including that.text = that.text. Oh well, hack ftw then.

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[kennethkawamoto]

I called it "hack" but it's not really a hack in a bad sense, do not worry. The "text" property is always the plain text version of "htmlText" property. This is the same in AS3.

Kenneth Kawamoto

http://www.materiaprima.co.uk

 

[Leozack]

Yeah after more playing around testing things it does indeed seem obvious that as long as a textbox is set to html, you can shove in html text, and then it's .text contents are ready for anythign else to use without html.

Any thoughts on my other obstacles Ken?

http://www.tek-tips.com/viewthread.cfm?qid=1412706

http://www.tek-tips.com/viewthread.cfm?qid=1409258

_________________________________
Leozack

MakeUniverse($infinity,1,42);