This question already has an answer here:
if i post a script with my cms people can not read it, it goes into the database as text
like this:
<script>
// Source: http://www.backalleycoder.com/2011/03/20/link-tag-css-stylesheet-load-event/
var loadCSS = function(url, callback){
var link = document.createElement('link');
link.type = 'text/css';
link.rel = 'stylesheet';
link.href = url;
link.id = 'theme-style';
document.getElementsByTagName('head')[0].appendChild(link);
var img = document.createElement('img');
img.onerror = function(){
if(callback) callback(link);
}
img.src = url;
}
$(document).ready(function() {
var initEditor = function() {
$("textarea").sceditor({
plugins: 'bbcode',
style: "./minified/jquery.sceditor.default.min.css"
});
};
$("#theme").change(function() {
var theme = "./minified/themes/" + $(this).val() + ".min.css";
$("textarea").sceditor("instance").destroy();
$("link:first").remove();
$("#theme-style").remove();
loadCSS(theme, initEditor);
});
initEditor();
});
</script>
But how kan i make it that it can be read on the website?
I use this mysql query:
INSERT INTO categorie (title, longstory, shortstory, date, author, categorie, type,img) VALUES('{$title}','" . htmlspecialchars_decode($longstory) . "','{$shortstory}','" . time() . "','". $_SESSION['user']['username'] ."','{$categorie}','{$type}','{$img}')";
I use to post a script: " . htmlspecialchars_decode($longstory) . "
</div>