I am developing a very simple CMS system for my brother’s web site.
I am using Classic ASP and the content is stored in an XML file and I have created a simple web form with a javascript rich text editor for him to edit the content. This means that there will be HTML code being saved in the XML file. I am confident that this will always be well formed XHTML.
e.g.
<content>
<item id="20110611103415" sort="1" status="P">
<description><strong>18th</strong> century <span style="font-style: italic;">mahogany </span>chest of drawers</description>
</item>
</content>
When displaying this on the web page it all works OK and as long as I use <xsl:copy-of select="description/node()"/> in the XSLT file, the HTML displays as it should.
The problem comes when I try to save this HTML back into the XML file from the form. I am using the following code to do this:
set objXML = Server.CreateObject("MSXML2.DOMDocument")
objXML.async = false
strXMLFile = server.MapPath("content.xml")
objXML.load strXMLFile
Set objRoot = objXML.documentElement
Set objItem = objRoot.SelectSingleNode("item[@id='" & strID & "']")
Set objField = objSaleItem.SelectSingleNode("description")
objField.text = Request.Form("description")
objXML.save strXMLFile
When I do this I end up with the following in my XML file:
<description><strong>18th</strong> century <span style="font-style: italic;">mahogany </span>chest of drawers</description>
I have scoured the web trying to find out how I can prevent the HTML being encoded like this but I can’t find a solution anywhere.
If anyone can help me I’d be very grateful.
Thanks
Andy
Even if you are confident that the results of your form are always valid XHTML you should validate it by loading it into the DOM parser. This will force it to be valid and allow you to save and get it out again.
If the form can contain only text as well you can handle that condition with the
If Thenblock.