2013/10/23 Michal Čihař michal@cihar.com
Hi
Dne Tue, 22 Oct 2013 20:48:14 -0400 Isaac Bennetch bennetch@gmail.com napsal(a):
In the user description field of the error reporting server, new lines are represented as \n rather than <br> or some other HTML-friendly means. This is easy to fix, however I'm not sure where best to fix it.
Do we convert the raw input before submission (line 58 of libraries/error_report.lib.php or on display (line 88 of app/View/Incidents/view.ctp)? I think it's best to do it on submission, but wanted to double-check first.
Doing this on submission time would bring HTML into the server and we would have to do some sanity checking on it while displaying...
I don't think users should be allowed to any HTML in bug reports. It will be much simpler then: 1. Unescape all escape sequences before storing them on our server, eg. \n -> newline 2. Use nl2br before displaying, or wrap text with HTML block element with: white-space: -moz-pre-wrap; /* Firefox */ white-space: -o-pre-wrap; /* Opera */ white-space: pre-wrap; /* Chrome; W3C standard */ word-wrap: break-word; /* IE */ It may require some tweaking, but it's doable in CSS.