0

I have a function which compares emails contents from a few tables. If the contents differ, I want to display it for comparison. I am trying to do that using iframes and srcdoc attribute. This is a fragment of my email which has got inline styles and nested quotes. 

<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta content="text/html; charset=UTF-8" http-equiv="Content-Type" /> <title>Title</title> </head> <style type="text/css">a:visited {color: #fff;}</style> <body style="background: #fff; margin-top:25px; margin-bottom:30px; padding-top:0; padding-bottom:0;">&nbsp; <table align="center">

I tried to replace all quotes with that function. 

str_replace([ '"', '&' ], [ '&quot;', '&amp;amp;' ],$row1['email_content'])

but it does not work. I have also tried 

htmlentities($row1['email_content'])

and 

addslashes($row1['email_content'])

but it also did not work. How can i display email content in an iframe properly?

Improve this question
4
  • "How can i display emial content in iframe properly" - Dont bother, instead parse the content with dom document or such - your question also makes little sense, it would display fine in an iframe with or without quotes encoded. Quoting it will just break the HTML Commented Dec 14, 2017 at 8:10
  • Without str_repalce nothing is displayed. With str_replace plain text is displayed. Commented Dec 14, 2017 at 8:13
  • How are you adding the html to the iframe? Commented Dec 14, 2017 at 8:32
  • echo '<iframe srcdoc="'.$row1['email_content'].'"></iframe>'; Commented Dec 14, 2017 at 8:35

1 Answer 1

Reset to default
1

I was curious about this so knocked up a couple of quick test pages to test for myself what you were saying ~ seems obvious but whatever character is used with srcdoc ( ie: srcdoc=' or srcdoc=" ) must be escaped/replaced when generating the content.

<!-- mickeymouse.html ~ used as source for `srcdoc` --> <html> <head> <title>Mickey Mouse loved Minnie</title> </head> <body> <h1>Mickey Mouse</h1> <p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam non finibus nisl. Etiam ut velit ut est placerat dictum. </p> <!-- content populated by inline javascript within iframe srcdoc html --> <div id="donaldduck">nothing to see here</div> <script>document.getElementById("donaldduck").innerHTML="poor wiley coyote, when will he catch that damn bird?";</script> <!-- The line below caused the iframe to not correctly render before doing str_replace to edit the single quotes --> <p>If this text has a single quote - like ' it will cause whatever follows to not render and breaks the `srcdoc` content</p> </body> </html> <!-- iframe page - will display mickeymouse.html --> <html> <head> <title>iframe - srcdoc</title> </head> <body> <?php $file='mickeymouse.html'; $html=file_get_contents( $file ); /* ' -> &#39; " -> &#34; */ ?> <iframe srcdoc="<?php echo str_replace( '"', '&#34', $html ); ?>" width=800 height=600 sandbox='allow-forms allow-scripts allow-same-origin'></iframe> </body> </html>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.