So I have slight problem. The PHP program I am working on allows web designers to post some code sometimes, and is put into a backend database. Sometimes the designers may also want to discuss html entities.
So let's say the designer adds a line of code to database like this:
<p>hellos friend</p>
So I use PDO to stick this line in the database without escaping it, and everything is fine, it shows up good. Now, I want the web designer to be able to edit this, so when I pull it out of database I use this code after:
$post = htmlentities($post);
It is good now that I can insert this into my editor:
<textarea>$post</textarea>
But we have problem because when this guy edit this code, he submit and it go back into the database and now it got HTML entities and has & lt ; instead of < and & gt ; instead of > (it is hard to type this on SA it re-encodes it)
<p>hellos friend</p>
So now it's wrong in database, so when I display it again, it show the entities.
So maybe I can run the opposite of htmlentities after editing it and re-add all the entities, if there is such a thing, but that brings another problem:
What if a web designer is telling other guy "Hey man, this is what an html entity is, it is typed like this: & lt; you should use it"
Then THAT is going to turn out to get stuck back into NOT being an entity, you see what I mean? Is there a solute?