BBcode + emoticons parser

[galdikas]

Anyone could recommend a good BBcode parser?

That would be able to parse emoticons.. And possibly would clean the input against XSS/SQL attacks?

[Kieran-R]

NBBC is what I use.

Im not sure they parse smilies though. But it shouldnt be too hard to program yourself any way. Just use str_replace().

[Dayo]

NBBC, great script.

[Dayo]

lol kieran-R same time :P and yea it does do smilies and comes with its own bundled in with it

[Kieran-R]

lol kieran-R same time :P and yea it does do smilies and comes with its own bundled in with it

Damn a few seconds in it lol :P

Yea if NBBC has smilies, then no need to worry about the second part of my first post :)

[rulerofzu]

Did you actually look at what you downloaded Kieran?

The smilies folder is a big give away!

[lucky3809]

nbbc is what i use too, it does have smileys comes with the zip download.

[Kieran-R]

Did you actually look at what you downloaded Kieran?

The smilies folder is a big give away!

I downloaded it ages ago ;) Cba to go download it again to check...

[rulerofzu]

Yeah and it has always come with the smilies so you cba to look when you download something. Sorry I forgot your an idiot.

Edited June 12, 2011 by rulerofzu
pointing out the stupid to the stupid.

[Kieran-R]

Yeah and it has always come with the smilies so you cba to look when you download something?

Why are you trying to have a go at me over the stupidest little thing? Who gives a ****...

[galdikas]

Guys stop fighting! lol

Ok the way I am doing this is I parse the BBcode, and the store the value in DB and it doesnt work :(

Should I store the BBcode in database instead? and the just parse and output the HTML when requested???

If so.. how do i clean the BBcode from any potential attacks???

[galdikas]

ok.. the above issue is solved..

another question. Does that parser cleans the input of any html in the input???

I tryed looking but OO php is still somewhat mistery for me, so cannot tell for sure lol :)

[lucky3809]

last time i checked nbbc is secured... dont know what you mean by parsing through database, it does not need a database...I have not seen any parser use a database... unless im missing something o_O

if your using nbbc you include the main

require_once (DIRNAME(__FILE__) . '/nbbc_main.php');

$bbcode = new BBCode;

for text area you add something like...

$r['mail_text']=$bbcode->Parse($r['mail_text']);

that is it.... the smileys should work if you have them uploaded the config file is the lib....

Edited June 14, 2011 by lucky3809

[galdikas]

I am not MCC :)

Well I parse the post to HTML. And then I store it in DB. Rather than storing BBcode in DB and then parsing it to HTML every time someone wants to view it. I thought this was more efficient :) No double handling lol

[rulerofzu]

EH? BBCode is a parser.

The only reason why you should use bbcode is to give the end user flexibility which you cannot do with hard coding. So they chose the color etc. So as an example saying HELLO WORLD in a message to another player is either in the font pre-set in your code or alllow them to use bbcode.

Anything submitted by the end user which is stored in the database will be kept in the bbcode format. So [ b ]HELLO WORLD[ / b ] Only when the page is viewed is it then parsed changing the way it is displayed.

Using any PHP code you wish to create what Lucky stated is correct and how you would use it. Not MCc related.

[galdikas]

Ok.. But i have done it the other way around. I parse it before i store it in DB. In DB HTML not BB is stored. Is that ok? Or should I change that BB is stored in DB????

[galdikas]

ok... Any scripts that can translate HTML to BB???

I need it for editing posts :)

[rulerofzu]

Your just giving yourself a harder time than required. Let them use bbcode. Store it in the db as bbcode and then they can edit their own posts including the bbcode.

[galdikas]

I know that maybe I am doing it the hardway but I think it will be well worth it.

http://corz.org/blog/inc/cbparser.php?page=all#comments

here is parser that I have found. Works perfectly with no adjustment (obviously will need to work with smilies. I know what to do, but it will be quite boring and repetetive task lol)

 

Anyway if game gets popular, I will save a lot of CPU if I will not have to parse every single post every time it is viewed. And only when it is created or edited.

[rulerofzu]

Hmm on the thought of your cpu saving. There is many very large popular forums which do not have an issue ;)

What really strikes me is that your gonna convert html to bbcode and store it in the db. I can see the logic behind what you want to do however the whole point of bbcode was so that people do not need to know html.

font color, size , weight, img src, a href.....much easier to use [ color ] [ img ] [ url ]

Edited June 14, 2011 by rulerofzu

[galdikas]

Nope... This is not how it works..

User postd new post:

He writes the post using BB.

SUbmits the form, and BB gets translated to HTML and stored in db as HTML.

When someone wants to view that post PHP fecthes the HTML from DB and displays it.

Howewer if someone wants to edit they're post:

PHP fetches the HTML post, and parser converts it back to BB and displays it in BB format in text area.

Users makes whatever alteration he desires, and submits the form.

Again BB is parsed back to HTML and stored in DB.

[rulerofzu]

I cant see how that is going to make a big enough saving on cpu to make it worthwhile.

[galdikas]

Ok... That's it I gave up! lol

I store BB code in DB..

Though I still think that it is more efficient to store straight HTML in DB. Just too complicated for me... If game gets big, ill hire someone to do it lol :D

Ok... how to secure the input? So it doesnt destroy the BB? is mysql_real_escape_string sufficient????

Another question...

ok.. I plan not to have postcounts... Just I think that it really serves no purpose.. apart for some trolls considering it to be they're e-penis. And just because they have big pe.... eh postcount they are smarter than someone with smaller... postcount lol

Instead i might just implement a hidden rating system where everyone can rate each post and thread, but cannot see any of the ratings. (they can only see the average rating of each player.)

Why not see the rating?

Just I think that if you see that post has -10 you instantly think that post is crap... An sort of jump on bandwagon and rate it with -, instead of using your own mind to determine the quality of the post, you will be influenced by the current rating.

And possibly limit the ratings that user can issue every day to 5 or 10. Just to stop angry kids from just mindlessly giving - for everyone lol

Edited June 15, 2011 by galdikas

[rulerofzu]

I wouldnt worry too much about posting just for the sake of posting. It will occur even if you have a rating , post count anyway. Just delete if it continues warn, after that ban from that area and eventually ban from the game.

Go for nbbc which will do everything you require with regards to the bbcode. It also comes with a handy instruction file :D

[galdikas]

OK I tryed looking but cannot find this anywhere...

Sp assuming that I store it as BB... How do I secure the input agains SQL injection?

if I just add slashes to _'_ then people lets say if someone wants to use apostrophe it will have slashes before it. Or if I use htmlspecialchars than any speechmars in the BBcode will get enoded as well... So what function should I use???