corzblog bbcode parser preview

Here it is! My [search engine fodder] bbcode to html parser, and html to bbcode parser [/search engine fodder]!

This is the actual very onsite parser that parses the bbcode of my blogs and site comments, which as well its usual tasks of, well, you know, the parsing stuff, also moonlights doing a cute wee background demo of itself, you're looking at it. it knew you wanted to do that. hit the "preview" button to see at least one half of the parser's bbcode to html/html to bbcode functionality.

The front-end (below) is built-in to the parser, you just call the function and it creates the form. The cool, super-portable JavaScript bbcode buttons and functions come in the package, too. Have fun. Oh, and by the way, output is 100% pure HTML5, or nice plain bbcode, which ever way you look at it, it's free.

button to undo the last javascript change
cbparser quick bbcode guide..
Most common bbtags are supported, and with cbparser's InfiniTags™ you can pretty much just make up tags as you go along. If cbparser can construct valid html tags out of them, it will. Experimentation is the key, and preview often.

A few bbcode examples..
[b]bold[/b], [i]italic[/i], [big]big[/big], [sm]small[/sm], [img][/img], [code]code[/code],[code]teletype[/code], [url="" title="foo!"]foo U![/url], and more.. To post code with indentation and/or strange characters, .htaccess, etc., use [pre][/pre] tags.
download cbparser
an HTML5 compliant bbcode parser

Welcome to the comments facility!

return to paged comments
dan - 05.06.04 12:50 pm

awesome! thanks!

jay - 09.06.04 7:36 pm

just what I was looking for! excellent!

zie - 10.06.04 2:16 pm

Oh My God..

cor - 10.06.04 9:04 pm

I'll take that as a compliment! (Damn! I need my lol smiley! hey! I added that to cbparser today too, just do :lol: not in the release yet, laterz)

hmm.. maybe I outta make the comments thing cbparser-driven. now that's a good idea! start the clock!!

thanks for comments, it's been a fun thing to code ever since I ripped it out of the innards of corzblog.

just a silly bbcode parser


really! start the clock!

cor - 10.06.04 9:13 pm

it worked! of course.

I wonked for a bit, the include line is prepended with a "@" which supresses errors, and the error was that I was trying to redeclare the parser functions in the comments include for this cbparser file, and they were already declared in the cbparser file itself! does that make sense? smiley for :lol:

anyhoo, I added a check..
if(!stristr($_SERVER['REQUEST_URI'],'blog')) {
sorta thing, and it all fell into place. remember that if run corzblog and ever decide to latch on some "comment" mechanism!

where was I? oh yeah! it worked! of course, cbparser-powered comments!


ps.. I need to make the comments text on this page smaller, though.

joe - 15.06.04 10:54 pm

this is more updated than the one in corzblog, can I just drop it in place to upgrade??

cor - 16.06.04 8:23 am


It's worth grabbing a fresh copy every now and again and doing just that, it gets updated quite a lot in between corzblog releases. the latest stable zip is always here, though often the onsite version (used here and elsewhere) is newer still, though not always without its foibles.

keep a back-up in any case.


com - 27.06.04 1:34 am



wastZzz - 02.07.04 1:32 am

u are teh god

cor - 02.07.04 10:12 pm

heh, yeah wastZzz , I know. smiley for :lol:

hey! thanks simian [comment since deleted -ed], it was only a question of time, wasn't it. Thanks for demonstrating how bbcode survives inside pre tags. Just more fat for the googlebot to chew on. But we need more instances of the word PHP, though. php this, php that.

come on now kiddies!


spook - 19.07.04 12:04 am

I like that it's php. I needed a php bbcode parser, and this is php! I like php!

is that okay?


online casinos - 19.07.04 7:18 pm

Thanks so very much for taking your time to create this very useful and informative site. I have learned a lot from your site. Thanks!! I think you have done an excellent job with your site. I will return in the near future.

online casinos

cor - 20.07.04 12:04 am

thanks for your kind words, much appreciated.

Tell me, do you really know how to beat the casino's? I could do with some of that science right now!

And thanks spook, excellent job!
Yer right, php does rock! and this IS a "php bbcode parser" smiley for :ken:
bang on!


???????? - 07.08.04 12:38 pm

great sure i'll come regards


James Lucifer - 13.08.04 7:30 pm

Weel, if this works as good as it seems.. I love ya for it! :)

casino games - 14.08.04 8:50 pm

Very nice site. Keep up the good work.

casino games

internet casino - 14.08.04 8:50 pm

I was surfing along and came across your website. I really enjoyed it. Thanks! This site is very informative. I hope to see more in the near future, Wishing you all the best!

internet casino

sean - 19.08.04 4:41 am


Ben - 22.09.04 3:53 am

I didn't know this site existed, so I made my own one. It's not as good. Darn.

best online casinos - 05.10.04 3:15 am

Great site! Keep it running!

best online casinos

online casinos tips - 08.10.04 7:47 pm

Hello. I just wanted to give a quick greeting and tell you I enjoyed reading your material.

online casinos tips

Nick - 11.10.04 12:54 pm

Hey, just wanted to say great tool. I am including it on my forum based website. You've saved me a lot of time coding. You'll get a link on my main page, it's well deserved!

cor - 13.10.04 10:16 am

Hey, no worries Nick, feel free to drop that link right here! (though I think I have you in my server logs) Like the online casino guys, we can all benefit from a little PR :wink:

Ben, I'm truly sorry. If only everyone knew about this site, we wouldn't have these kinds of problems. Och well, one day..


315he2. - 24.10.04 12:18 am

Cor, dude.

You need a de-spammer. Those casino buggers are all over the place. Almost every blog got them somewhere. They're like the flu. Worse.

Och, well... What am i telling ya, you know already prolly something, i guess, i think. ;)

Cheerio, ocassionally-reading-your-blog-bisher.

cor - 24.10.04 7:16 am

heya bish!

well dude, I've been wondering what to alter the links to; first I thought inward links, then I thought porn sites, then disney, then I decided to not think about the casino spammers, and that has been working pretty well, right up until you mentioned them.



anonymous - 06.11.04 8:37 pm

bad ass. thank you

cheguez - 17.11.04 7:19 pm

omg this rox

ure god...

Casino de Póquer en línea - 18.11.04 7:57 pm

WOW!!!! This is a great website.

Casino de Póquer en línea

debt - 18.11.04 7:57 pm

Excellent, that was really well explained and helpful


Royal Vegas Online Casinos - 18.11.04 7:57 pm

Great site and great information.

Royal Vegas Online Casinos

cor - 19.11.04 1:23 am

oh! something has happened to this link.. my hoopy casino site
[url=""]my hoopy casino site[/url]
(I blame the latest version of cbparser)

spam away!


ps.. having said and done all that, casino spam seems to be a good indicator of a page's popularity, PR rating, whatever, and another reason I don't have a comments section on my actual blog! smiley for :ken:

pps.. this feature is optional, a switch is inside the bbcode parser itself.
default: $effin_casinos = true;

pps.. personally, I'm just gonna start deleting them.

anonymous - 23.11.04 1:25 pm

thank you for your parser :)

cor - 24.11.04 12:37 am

heh, that's funny!

well, the new tag balancing code is working beautifully! so well in fact that that the parser's built-in demo (this page) was completely blank for a whole day! seems my, erm, tags weren't balanced. smiley for :erm:

the bbcode is fixed! the parser remains unchanged. the tag balancing code is only in the beta version. did I mention that the parser was fine, never better! smiley for :lol: *ahem* other news...

no casino spam today? hmmm. could be "coincedence".
the demo works now, goan..

click "preview" smiley for :D


anonymous - 28.11.04 2:04 am

useful. thanks

cor - 01.12.04 2:30 pm

aww feck!

I introduced a bug when I added the "strict bbcode" feature to the latest beta version (0.6b1) of the parser (running here). so again, a blank space when you click "preview". apologies, I've been away for a couple of days.

the distro version is fine, but if you're playing with the beta, you're tags won't always balance if you enable that option. in the meantime I'll just get it to remove raw links.


anonymous - 02.12.04 12:57 am


Ric - 06.12.04 5:55 am

This has everything!!! Thank You!!

We are using it for making easy webpages in school. You say in it there is no coloring tags but it is easy to make color in the parser when we know how. Thank you!


terageek - 11.12.04 4:14 am

Wow... I'm using it :P

Mr. - 14.12.04 11:45 am

Your downloads don't work

Hi, I'm afraid your downloads don't seem to be working. I just get a web page displaying the following:

Team building | Murder Mystery


cor - 22.12.04 1:27 pm

yeah, it went haywire for a day, all better now though. ages ago, in fact. my hosts' "automatic advertising program" was thankfully removed from clearly I need more PayPal buttons onsite.

nah, the big question for me is; how did I miss your comment? a few other things were wonky that day, comment notfification must have been affected. I wonder is there are any others? hmm..

aye, apart from my host's web server disappearing every other night, all night , everything works great! *sigh*


anonymous - 31.12.04 3:29 pm

This is FANTASTIC parser! Keep up good work! smiley for :D

mattC - 07.01.05 2:46 am

Maybe I seem noobish to ask this question. but i want to know anyway.

Where can i find the whole list of BBCodes available for use and their descriptions? I can't seem to find them anywhere. Though there are bits and pieces here and there. I'm looking for a WHOLE list mind you. :)


if cor can email me when there is an answer, that would be great!
just want to say that this is a great piece of work! smiley for :D go on cor!

cor - 07.01.05 10:50 am

mattC, thank you!

it's a job I've been putting off.

see, originally this very page was simply that, but the tags got out of control, this page needed to be more, and your post was just the motivation I needed to sit down and do a good old list proper.

I put it here, and I hope you find it useful.


pat - 09.01.05 12:07 am

There's a colfusion version of this over at nomorepasting thought you might like to know. I think it only goes one way.


cor - 11.01.05 6:12 pm

cool! thanks pat!

Yer right, it only does the bbcode-to-html side of things, but handy nonetheless. Amazing to see someone actually give me credit, usually folks just rip my stuff clean off! hehe

well spotted!


mattC - 12.01.05 1:27 am

thanks corz. :)

Chris - 12.01.05 12:00 pm

Hi, has anyone ever experienced having problems seeing the advanced options. I have cleared cache and passwords to login to the advanced options and i still cannot see the pages. The links come up at the left hand side but the main page does not change to the options for that selection. Have tried resetting router etc with no luck, any help would be great, thanks in advance, chris. ;-)

cor - 21.01.05 2:44 pm

Hey Chris! you gott ease up on the booze dude! smiley for :lol:

mind you, the comment mechanism has been acting kinda weird these days. could be, erm...


jdf - 06.02.05 9:35 am

How do i get the parser to NOT accept a comment that has HTML, or strip it out or something like that. Your parser seems to accept both HTML and bbcode and process any script. Is there something I could add to your script to prevent them from using HTML?
Thankx. Great Script.

cor - 11.02.05 3:52 pm

Currently, cbparser will strip HTML links (optional), but leave regular HTML structures alone. It won't process php scripts, of course.

It would be trivial to kill all HTML tags, a line like..
$bb2html = strip_tags($bb2html);
would do that. Drop it inside the function, right after the global statement. (say, line 155, if you are using the current beta) I may add a preference.

I've always seen the ability to drop into html when needed as a great thing, I'm curious, what exactly are you trying to prevent?


anonymous - 08.03.05 1:03 am

Its Great :) Thanks dude :)

nice - 18.03.05 10:55 pm

may i too have a comment like this on my "powered by corzblog" site? how's the code?

cor - 18.03.05 11:24 pm

nice, read the front page!


ps.. what "powered by corzblog" site? (drop the link in here, this page has nice Google PR, and it rubs off, you know!)

Fabs - 19.03.05 8:37 pm

where can i get smileys

cor - 20.03.05 5:44 am

They are inside the corzblog distribution, or just right click and "save image as" from any comment page (see under the comment form)

Many were originally from phpbb2, check it out.


oscar - 20.03.05 2:13 pm

I was wondering how exatly do you use this code... I know you have to include ait in the file you want to use... but is there a working example somewhere to download?


cor - 20.03.05 2:32 pm

see inside the file itself,
instructions are included!


Joe - 15.04.05 7:01 am

I had a question about adding something into the corzblog code. Can you do a page where it is strictly for the blogger that has access to the 'edit' and 'add a blog' option? I plan on giving this a thorough workout so I can get a handle on PHP (or maybe buy a license hint hint) but I dont want just anyone able to have the ability to go through and try to edit my blog.

Dude the thing is just awesome!

cor - 15.04.05 12:00 pm

Well, Joe, although folk can play with your 'add' and 'edit' links, they can't do any of it without a password. In other words, they can try all they like, but it wouldn't change anything!

Is that what you mean?


ps.. I code specifically with php n00bs in mind, so have fun!

Joe - 15.04.05 7:44 pm

Yep, that's what I'm looking for!

fajarferdian - 16.04.05 2:11 pm

hm.. no email bbtags huh?
i tried to make it but you registered the < /a > with [ /url ]

need to make my own work around....

nice parser thou...

cor - 17.04.05 2:31 pm

Yeah there is!

Grab the most recent beta, the tag is one of the newer "special" URL tags, and goes [murl="nahnahnyanyanah!"]hit me![/url] where "nahnahnyanyanah!" will be the subject of the mail (quotes are optional)

I updated the "all tags" documentation when I did it, too, both versions! See here and here.

I still have to figure out why on certain pages it doesn't work, because the session variables are being forced into the URL, like on this page. But that's a comment script thing (and only when it runs here at my host), so shouldn't affect anyone else!

grab the latest beta!


cor - 17.04.05 3:05 pm

I thought I might fix that right now (the comment script). It seems it's easy enough to disable the php session trans_id stuff, so the mail tag now works even on THIS page. I thought I was in for hours of research and coding. *phew*. cool..

hit me!


cor - 17.04.05 6:52 pm

back again!

I was thinking about this email thing today, and I thought probably cbparser gets used in lots of "not just me" situations, ie. other users, adding comments and whatnot. So when I was messing about in the engine room just now, I added a regular [email] tag to the mix. It goes like this..

[]hit me big boy![/email]
hit me big boy!

Clever users will realise you can add a subject yourself, like this..

[!]hit me big boy![email]
hit me big boy!

The code is a bit clunky, and I might try and smarten it up before it gets out of beta. Crucially, the email address is "mashed" to prevent the spambot-friendly plain-text from appearing in the resultant HTML. This creates a bit of a headache at the HTML to bbcode side of things, but that's rarely used, and I've included a workaround anyway.

have fun!


cor - 27.04.05 9:22 pm

It's new release time!

I've smartened up the processing order a bit, and improved the <pre> handling, specifically, the text is html entity encoded, so you can put regular html tags inside it. oops! You think one of you thousands of users would have spotted that! smiley for :lol: I fixed a bug with links inside <pre> blocks, too.

There's more spammer-protection, and some tasty new URL tags, as well as some other minor bits and bobs. Actually, there's been a LOAD of improvements since the last "official" release, beta users know what I mean!

Thanks for all the feedback, both here, and in my inbox, always appreciated, even if it takes me a few days to say so! Big w00ts and general fuzzy warm feelings go out to the developers at PHPWebSite who have replaced the PEAR bbcode parsing engine with cbparser for their parsing needs because, and I quote, "Compared to Pear's bbcode parser, it is easier to use and edit.". Nuff said! smiley for :D

Everything is backwards compatible, I think, so feel free to download the wholesome and lovable v0.7, and chuck it into place! Maybe have a quick run through the preferences first, though.

for now..


JackE - 30.04.05 4:27 am

very cute, thanks.

Ben - 06.05.05 1:21 pm

Hi, thanks, i've been looking for something like this for a while.

How can I add a unique CSS style to the to the email tags? I played around but HTML to BBcode produces some odd results.



cor - 06.05.05 18:18 pm

simply replicate whatever unique feature inside the php code!

That's not a great answer, I know, but it's not so tricky. In fact, I've been thinking about giving everything a unique css tag, but it's one of those jobs best done all-at-once, and I'll need to see how that might affect css-less users, too. lots of people are intimidated by css.

okay, scroll down to the "create_mail" function and at its end you'll find.. return '<a title="email me!" href=".. , simply add your style right after the < a, so it becomes return '<a class="mytext" title="email me!" href=".. and then add that exact string into the php line that begins..
$html2bbtxt = preg_replace_callback("/\<a title\=\"email me!\" ...
and you should be good to go!

That is, in fact, why I used fixed titles for certian thing, to make it easy to slot other things in later. Remember to escape (but backslashes in front of) quotes inside the preg_replace_callback command in the html>bbcode part. get back here if you have difficulties, suggestions, or whatever..


adam - 11.05.05 9:14 pm

when i make use of bbcode (on phpbb 2.0.4) a tag like test is apparently stored in the database as test . the bb2html routine converts this to test, which is not rendered properly by the browser.

any ideas?

adam - 11.05.05 9:32 pm

uh, crap.. you'll have to view source to see what i mean. i shoulda known better.

cor - 12.05.05 12:39 pm

adam, I haven't a clue what you're talking about! smiley for :blank:


adam - 12.05.05 3:16 pm

hm, when i post in phpbb and insert a bbcode tag, then re-retrieve it manually from the database, the bbcode tags contain a semicolon and some id after it. i just tested this on phpbb 2.0.15. is this supposed to work with phpbb? it looks like it should...

cor - 12.05.05 10:23 pm

Doesn't phpbb have bbcode built in? smiley for :eek: No, I'm certain it does. So I've never considered phpbb compatability, what would be the point?

I mean, there may be one, but I'm slow tonight, you'll need to prod me!


adam - 13.05.05 7:03 pm

i am drawing the text directly out of the phpbb database and displaying it on a seperate webpage. since phpbb uses only a small set of bbcode tags, i'm just going to write my own parser for now to handle those tags with these weird id's in them.

cor - 14.05.05 9:12 am

r8! with ya!

I hadn't really thought about phpbb's bbcode set being small, I just presumed I'd gotten carried away! I'm fairly sure it wouldn't be difficult to incorporate the id's into cbparser. good luck!


Mike - 17.05.05 11:18 pm

Did anyone manage to get a version working which removed the bbcode id valies (eg: thing )?

adam - 18.05.05 3:25 pm

yeah, i wrote my own... a much smaller and less feature rich parser than cbparser. since phpbb uses only a small subset of the bbcode tags, i wrote something that mostly uses regex string replacement to handle just those... for now it's only handling the most basic tags (i, b, u, img, url). i'm not sure if this is going out of the scope of the cbparser discussion, but the code is very simple... i could post something here or e-mail it to you....

cor - 18.05.05 5:24 pm

Feel free to mail it to me, or throw it right here; lots of folks looking for parsers pass through here every day, someone will doubtless find it useful.

I've seen some interesting wee parsers on my travels around the net, most small and clever (like the "taglet" parser) but with serious style limitations. My "big dumb parser" approach works really well for all my needs, and is infinitely expandable! but there's definitely situations where a tighter ball of code would be more suited.

Yeah, bring it on!


Mike - 18.05.05 10:12 pm

As I couldn't find one anywhere I wrote a bit to strip out the pesky uid from phpbb so the parser will work, although I have now written my own now as I was then halfway there, thought I would add the code here incase anyoine else needs to use it.

heh, unfortunately the parser here won't let me post it as it has unbalanced tags :) so you can fetch it from here

Good luck to anyone else.

cor - 19.05.05 6:54 am

that's what the pre tags are for! smiley for :lol:


fajarferdian - 20.05.05 12:40 am

Hi, wow.. thanks for the major upgrade ;) well done for you..
And yes.. I think more people will find the phpbb id removal code usefull!..

Adam and Mike, the parses DO let you post codes within ur comments using the pre tags cor mentioned above..for example
like this
While (stristr($post_text,'[img:') !== FALSE){
      //do this do that
[ /pre]

but then remove the spaces in /pre tag so that it look like this [/pre]

once again, thank you (or smiley for :cool:

mike - 20.05.05 10:55 am


Romi Lizada - 20.05.05 10:58 am

Your blog gets nice. Keep up the good work!!!

cor - 21.05.05 7:26 am

Yes, you can use the "pre" tag (pre-formatted text)...
// and dem pesky spammers..
foreach ($spammer_strings as $key => $value) {
    if(stristr($bb2html, $value)) {
        $bb2html = 'spammer';
    } // zero tolerance!
and if you download the latest beta, you can also use the "ccc" tag (cool colored code) for php examples..

// and dem pesky spammers..
foreach ($spammer_strings as $key => $value) {
stristr($bb2html$value)) {
$bb2html = 'spammer';
    } // zero tolerance!

Which is quite nice, but isn't yet as colorful as I expected, I'll be looking into that (it may just be a css thing).

note, you need to include the <?php ?> tags if you want the syntax highlighting to work.

thanks Romi!
have fun dudes!


cor - 21.05.05 7:47 am

actually, on posting that, I'm thinking we should just return right there..

// and dem pesky spammers..
foreach ($spammer_strings as $key => $value) {
stristr($bb2html$value)) {
// zero tolerance!

yeah, that's better!


ps.. fixed the colours! (v7.2b3)

cute - 01.06.05 12:00 am

oh how i feel....!

cute - 01.06.05 12:01 am

shame the newest aren't shown at the top smiley for :ken:

cor - 01.06.05 12:29 pm

Well cute, it has been tried.
It works fine for blogs, but not so good for comments.


test - 10.07.05 2:14 pm


satanuke - 04.08.05 12:38 am

writeln('smiley for :D');

cor - 04.08.05 3:29 am

smiley for :lol:

Yeah, I know! But if you lack a sense of adventure, you can easily add "javascript" to your banned words.


Needs - 09.08.05 7:30 pm

I really really need help turning something I did in HTML into code for a phpbb form. It's a table that i've created.....can someone help me??

email me if you can -- i don't know if i'll be able to find this site again.. smiley for :roll:

cor - 09.08.05 9:56 pm

try ##php on freenode IRC.


ps.. check your menus, there should be something called "favourites", or "bookmarks", that's where you put sites you want to find again.

test - 10.08.05 10:25 am

Hi all!

cbr600 - 13.08.05 1:43 pm

could you add support for /li (close list item) and then get W3C XHTML Validator ?

cor - 13.08.05 10:38 pm

well, all this XHTML is new territory for me, but coincedentaly (if there were really such a thing) that's exactly what I've been studying and working on these last few days, the results so far..

So I'm gradually working my way around to first, making all my "packages" XHTML compliant - "thumber" already is, because I needed it for, and then eventually the gubbinz here at, because I installed Opera, and all I have to say is, erm, sorry smiley for :eek:

So yes, somewhere in all that, cbparser will be getting a grande make-over, clean-up, scub and polish, etc, I'm learning new stuff all the time, so it will doubtless come out the other side spik and span!

cuz damn! when I see that big green "This Page Is Valid XHTML!" I go all fuzzy inside! smiley for :lol:

I'll post details here when I eventually get around it.
Thanks for the nudge.


UpMaker - 26.08.05 8:14 pm

Fatal error: Cannot redeclare bb2html() (previously declared in /deathrectory/cbparser.php:236) in /deathrectory/cbparser.php on line 235

cor - 26.08.05 8:32 pm

You only need to include it once smiley for :ken:


Zapotek - 10.09.05 4:26 pm

Cor thanx for giving the source to the masses!
I used it as inspiration for my CMS's parser...

Thanx again...

Ali - 23.09.05 10:20 am

<?php echo 'neat!'; ?>

cor - 27.09.05 8:33 pm


if ($you == 'patient') {
// wait for it..
$cbparser = 'all-new';
$feature1 = '100% xhtml compliant';
$feature2 = '100% css styled';
$featurex = 'and more!';
// check out corzblog for the latest and greatest developments.
// release date to be announced.


Yeah, I like it!


cor - 04.10.05 5:30 am

it's back!

Expect this page to be a bit messy for a while because a) the new cbparser is still in progress, and that's the version running here, and b) while cbparser is outputing nice xhtml, is still messy old htmlsoup.

but you get the idea.


lalala - 04.10.05 10:32 am

where can I download the latest version? Thanks

lalala - 04.10.05 10:39 am

another suggestion, if I type [B]bla and don't close it, your script should close it automatically for me.

cor - 04.10.05 4:01 pm

You can't! It's not ready for distribution yet (there are still a few bugs to iron out). When it is, it will be in the /beta section, as ever.

Auto-closing tags isn't on the cards, if you need that sort of thing, check out the PEAR package.


Joe Blonde - 11.10.05 12:35 pm

the new version is looking real good, will it be ready soon? smiley for :D


Napolux - 20.10.05 10:37 am

Hi there!!!

Great work with this!!!!!!

Rotzi - 17.11.05 7:55 pm

thx dude 4 that script
works fine ;P

cor - 18.11.05 2:03 pm

cheers! feck, I still haven't gotten the new version up yet, as you can see by this page, I got a bit sidetracked in middle of the whole xhtml update thing, but the parser works great, these site comments are 100% validating XHTML! smiley for :lol:

Maybe this weekend, but definitely in your inbox if you are motivated enough to mail me about it. Watch out though, after fixing my gmx settings today (so they disabled that old method, huh) I got a zillion and five mails to get through smiley for :roll:

ho hum..


tundra - 07.12.05 8:17 pm

2 adam:
the id right after the semicolon is the $bbcode_uid which is generated with make_bbcode_uid function in bbcode.php file. It makes every bbcode in the post unique.

blah - 06.01.06 11:43 am

The XHTML version is missing. Please re-upload it. Because this version acts really weird.

it'll replace



<a href=>Google</a>

instead of 

<a href="">Google</a>

also the [url][/url] doesnt work.

However all this looks perfect on this page, so i'm assuming you have got around it somehow in the xhtml version (which sadly isnt available). Please make it available for download.

cor - 06.01.06 2:11 pm

[url] works fine in the old version, though you *must* use quotes, with both old AND new versions, if you want valid markup. Empty [url]whatever[/url] tags have never worked, this is also by design.

And yes, I'll put the xhtml version back up very soon, I had to pull it almost as soon as it went up after I discovered an unusual bug. But it's been working away at here at the org this last week without problems, so I'll likely get the latest version up again within the next 24 hours or so.

Thanks for caring!


blah again - 06.01.06 4:09 pm

hmm I was just going through your parser, and I must say it is very very unsafe. There is simply no prevention against XSS (Cross Site Scripting). Almost every tag is exploitable...

Heres an example...

alert("XSS (Cross Site Scripting)");

the code used was
[script]alert("XSS (Cross Site Scripting)");[/script]

This is ofcourse just an example, but you can stretch your imagination, almost anything can be done, like stealing cookies, editing registry etc.

If you ask me the whole InfiniTags™ is a bad idea, atleast if put the way it is.

You really need to work on making the code secure.

XHTML or not I guess I'll resolve to my good ol' preg_matches :P

Don't take it the wrong way, I really do appreciate the work, but this is just an invitation to hackers/script kiddies.

cor - 06.01.06 6:14 pm

smiley for :lol: here we go again!

Firstly, it's drop dead simple to prevent these things, maybe add the word "script" to the ban list, as previously suggested. I simply choose not to do that here, mainly because I enjoy watching people try these things. You should see some of the fun that gets uploaded in my php upload script! I have learned a lot from my potential hackers, and wish to keep doing so. And in over two years of running this parser all over the site, nothing has been lost.

I mean, just try and edit my registry! This simply isn't possible, though sure, other things are. And you aren't the first to mention this, even publicly, which is why I added xss-prevention to the xhtml cbparser, very simple to do.

If it makes you feel better, I'll even enable it by default in the release version!

But not right now, I am called elsewhere..


cor - 07.01.06 1:02 am

I got home quite a bit later than expected, and I'm really too tired for code tonight (there's more to packaging than simply zipping, and really, it's penciled in for tomorrow - there's still a couple of things I want to tweak before it goes out, anyway, the weekend) but before I go to bed..

You've given me some food for thought, blah, which is always good; not so much in the security aspect (my dev version had its xss support beefed-up fairly recently - though after your comments I'll be testing it more thoroughly! as well as a few interesting <pre> tag encoding schemes I've been playing with) but rather in "what people think". Hmmm.

For example, I used to enjoy the spammers' odd visits. I'd delete their silly comments, have a wee laugh, add their strings and domains to the spammer list, yet still, not actually enable spammer protection here at the org. I don't like to miss stuff, you see.

But then it just got too bloody annoying, and I switched the spammer protection on myself, tada! goodbye spammers, mostly. It's a similar story with the xss prevention stuff. My own opinion is that this whole cross-site scripting thing has been blown out of proportion. Yes, it's important, for certain sites, perhaps crucial, but mainly it's kids, and some of the pranks are quite amusing, actually. The question is, do I enable this protection here?

I personally don't feel at risk, not because xss isn't possible here, it is. But is littered with pages that have comment facilities (some with thousands of comments), and not once has anyone tried anything remotely nefarious. I like to think in my own innocent way, "why would anyone want to do that to my site?". And I still see things that way. Messing with Microsoft or AOL or something I could understand, but me? That's insane!

But the problem is, if I don't enable it, then folk might get a bad impression of the parser itself (and there are many cool features in the new version, so I don't want to put people off what I - and thousands of downloaders - know is a valuable thing) but if I do enable it, I miss all the fun, and importantly, I'd never know if someone was attacking, because it would fail. The question is; which is more important to me?

I'm still not sure. But, thanks for the food, anyway!



blah - 07.01.06 4:58 am

"why would anyone want to do that to my site?"
That thought is killing the internet

Its not that its tough to combat XSS, its just that when you are making an open source script for people to use, you should make it a point to secure it and enable all security settings by default. Remember not everyone is fluent with php. Looking at the number of people using your parser for their phpbb and other forums, its a huge risk. Risk as in? stealing the cookies of other users and using them for logging in, if ip binding is not enabled.

I mean, just try and edit my registry! This simply isn't possible, though sure, other things are.
You might wanna have a look here

I understand its not a big deal here, but this isn't the only place where the script is used, is it?

You can continue with open exploits here but you should seriously think about releasing a new version which overcomes these exploits, to the public.

cor - 07.01.06 12:16 pm

blah said..:
That thought is killing the internet

We probably couldn't disagree more. There are more important things afoot than our precious individual web sites. My innocence is real bliss, and I'm fairly keen to keep it that way. Even if I was *gasp* "attacked", I'd just deal with it, and still carry feeling that way. And believe me, nothing is killing the internet; the reality of things is completely, totally the opposite!

blah said..:
You might wanna have a look here
I'm aware of the issue (one of my online collaborators likes to keep me in the loop *sigh*) but that is an issue with a buggy web browser that only a fool would use, and I stand by what I said.. editing my registry with xss is not possible. But do feel free to try! smiley for :lol:

I've enabled the xss prevention in the online version (yes, I slept on it, and even added a couple of wee xss tests to the demo string, just for you! smiley for :ken:) so seriously, DO feel free to try; I'd appreciate the testing.

And I DO appreciate you comments, blah, too. In truth, I don't give security a lot of thought, though of course my release stuff is pretty tight. The new version of cbparser is long overdue, I know, but there have been a few difficulties elsewhere in the code of things, the portable javascript features have been giving me headaches, amongst other code my simple mind finds tricky. Anyways..

announcing the all-new, xhtml-compliant cbparser!

I've bitten the bullet this morning and packaged up the whole shabang. Along with the parser itself, which now comes with its own built-in bbcode GUI (as seen at the top of this page), you get the cbguide (the neat info and buttons underneath) and its associated javascript file (highly cool inside!). There's also a sample CSS file (as generated by corzblog), and even a few cute images for your list items (as seen above).

The parser itself is a massive improvement over the old version. Producing 100% strict xhtml compliant code was the motivation, but I didn't stop there. There's more tags, support for a wide range of email bbcode, improved anti-spam capabilities, xss prevention - blah stole my thunder for THAT announcement! smiley for :lol: - och, loads of good stuff. Get it in a text editor! cbparser will even do automatic conversion of any legacy bbcode you might edit.

I'm really pleased with it, and this version - more or less - has been running away on my dev mirror for the last week or so (though, with xss-prevention disabled) without any troubles, so I'm fairly certain you won't encounter any difficulties installing or upgrading to the latest version. Of course, if you do, let me know!

for now..


ps.. if I don't get any major bug reports back, the beta will become the main release version a week from today.

blah - 09.01.06 5:46 pm

I'd really like to thank you for putting in all the effort. At the moment I'm going through the code tweaking it to my needs. I must say quite a few of those preg_matches can be replaced with str_replace, just another step towards making the fastest parser even faster ;)

blah - 10.01.06 7:40 am

Quite a few tags are yet eploitable, open this page in IE6.0...

an image

code used


I'm just doing an

($text, ENT_QUOTES, 'UTF-8')

to the input string, along with replacing a couple of symbols with their decimal equivalents, as I dont allow any html tags, your mileage may vary.

Also in your script if the xssclean is called after the parsing this can easily be avoided...

cor - 10.01.06 10:12 am


I originally had
($text, ENT_QUOTES, 'UTF-8')

but sadly my development server can't handle multibyte stuff very well (though it should!), so I had to switch that off (the line has since been put back in but is commented out, with a note).

I don't want to run the xssclean after parsing because I use javascript in some of the tags, so it must work at the bbcode end of thing. And if you want something really nasty for IE try this..
[table datasrc="."][/t]
I've added that to the xss clean-up, but your version will still be exploitable. try it just for fun.

I wasn't aware that you could throw javascript statements into image tags. Thats's fecking nuts! I presume this is IE only, is it? smiley for :roll: I guess I could add something for that.

replaced with str_replace, probably (in the xss-prevention code?). The thing with the regex engine is, once you've got it up and running, it's pretty much neck and neck with a regular str_replace. The secret is to avoid it altogether, if possible, which it isn't here.

Feel free to keep tweaking away, blah, that's what it's all about, and I'm sure new exploits will keep appearing all the time; annoying as it is, you can always drop them here, anyone. If you manage to replace any of the preg_replace statements with str_replace equivilents, mail me your changes!

I got the entities dropdown working properly yesterday, and put up a couple of updates as I went along. I've now tied the internal version number into the download link (which is generated), the idea being, as soon as a new version goes into place here, I'll need to up the same version for the download link to keep working. Of course, I may forget smiley for :D

I also updated the bbtags page to reflect the new version. Aside from more tags, there are a few other changes. I'll note some here, making notes for a proper devblog entry when this becomes the main cbparser release..

There's no more "strictly bbcode" option, in that it's bbcode or nothing. Angle brackets are encoded to html entities, so entering raw HTML tags is no longer an option. But of course, with InfiniTags™, you can enter any html as bbcode, so really, there's no need for it.

Likewise, the html >> bbcode conversion is always enabled. cbparser will attempt to translate any tags it doesn't recognise into bbcode InfiniTags™, just like it does with known bbcode markup.

Someone may have noticed that cbparser's built-in gui is also equipped with the most effective anti-CSRF attack measure available, though in truth, I didn't put that feature (trackable hidden token) in there for that, but for my own devious uses (tracking comment entries, in fact, ie.. edit your comment, or whatever). But there you are, an added bonus!

I'll do more notes later.


ps.. fixing the image tag is just adding a "?" after the = of the javascript catcher. now it catches all sorts.
pps. try a newer version. smiley for :ken:

cor - 10.01.06 3:46 pm

Just to keep things balanced smiley for :D I've came across a simple set of tags that will crash Firefox (1.0.7 and below)..




has the same effect, apparently, though I haven't tested it.
I've added these to the most recent xss-prevention code, of course, along with a few other nuggets I came across on my travels.

Quite fun, this browser crashing stuff.


ps.. DO NOT put those tags (or the earlier IE table tag) into an html document and load in your browser if you have unsaved form elements, or any other data you value, because your browser will crash!

blah - 11.01.06 2:36 am

I generally try out all the exploits listed here prior to using any code on my site. You may find me irritating, but thats the least you can do when you have over 1 lac people on your site and you can unknowingly piss off quite a few of them :P

cor - 11.01.06 2:43 am

Yes, I know that page. A nice reference.

And no, I don't find you irritating. Though I do find the carzy security holes in common browsers *very* irritating; I've got better things to do with my unpaid time than mop-up after after multi-zillion dollar software companies!

Keep the exploits coming! It's all good!
Have you managed to exploit rc5, yet?


ps.. phpsuexec upgrade in progress, expect many onsite errors, but not with the parser, it rock!

cor - 15.01.06 5:17 pm

I notice that the built-in demo is a bit messed-up when it's not living in my blog folder. I'll have a look at that in the coming week.


möööp - 06.02.06 5:48 am

Thx for your work.
It looks interesting, but unfortunately it's just another regex and string-replacing orgy, but not a parser.

cor - 06.02.06 8:39 pm


möööp, you must be working with some obscure definition of the word "parser".

But you're right about one thing; it does look interesting, very interesting indeed. And in a visual media like the web, what else matters?

The methods employed are, considering all things, the most appropriate for the job, and it gets the job done superbly on hundreds, possibly thousands of sites, so there's nothing unfortunate about it!


ps.. don't I know you from an Aesop's Fable?

Markus - 14.02.06 4:29 pm

I am looking for some support actually can I get a link to some FAQ's or support forum?

cor - 14.02.06 9:26 pm

Markus, you are on it! Fire away!


ps.. I introduced a minor bug in 1.0.3b, where double square brackets [ ] weren't passing through the new tag balance checks. Fixed in 1.0.4b.

duck monster - 05.03.06 8:16 am

Radium, one of the techs behind SA has a really neato article on bbcode type parsers at ;-

Basically, parser does have a specific meaning in IT, which has to do with transforming one set of symbols to another (ie C++ -> assembly, or bbcode -> html), and theres a reasonable corpus of theory around it.

However on a common sense type level, sure you've written a parser of sorts.

One advantage of proper parser design is it automatically deals with unclosed tags and orphaned esclamations, etc. things like [ etc.

cor - 06.03.06 5:49 am

Not a bad wee read, duck monster, but seriously, anyone who says "php is a joke" should provide salt with their text! smiley for :lol: Sure, php lacks some of the finesse of certain other languages, but zillions of sites really aren't wrong; it's is an incredibly useful language for web development.

Anyway, cbparser does, in fact, deal with unclosed and orphaned tags. Later versions will correct certain tag imbalance errors, insert missing tags, give appropriate warnings, and it always stopped the user if the tags didn't balance. In practice, this proves to be a fine way to deal with orphaned [ characters and anything else, encouraging users to understand and get their code right in the first place! That's not such a bad thing.

There are thousands of comments here onsite, so I know that even the most technically inept can comprehend and operate the bbcode facilities without trouble, and produce great looking, valid xhtml. That's good enough for me, and most other humans.

I have no aspirations to write "the perfect bbcode parser", even if I could, though I have considered ways to implement a php stream-state parser (as I see it), but none very fruitfully, I'm in no hurry, I'm having quite enough fun with the one I've got.

Truth is, there's nothing out there quite like cbparser. Do you know of another bbcode parser that will, for instance, mash you email addresses so spam-bots don't chew on them? Or provide built-in GUI, or spam-protection? Or convert arbirtary legacy html code? It's a wee bit more than a simple bbcode->html converter.

At the end of the day, I'm wrote this for me. True, thousands of others have grabbed it, but essentially it's part of corzblog, and will always be evolving to my own particular requirements. On request, I made it available for free, and maintain it in this modular state, no small amount of work, but that doesn't mean I'm looking to collaborate on it, in any shape or form!

Thanks for the input, though.


ps.. it does prove one thing, however; a bbcode parser is important. smiley for :ken:

Billi - 14.03.06 7:17 pm

smiley for :lol:smiley for :lol:smiley for :lol:

Roy - 14.03.06 11:19 pm

Hi cor, thanks for this, great work!

I noticed in the newest betas that there is provision for a spell checker, and that also runs here on your comments, is there any way to enable this, I can't find it anywhere. thanks.

by the way, the new buttons are very cool! smiley for :cool:


cor - 16.03.06 3:13 pm

Cheers Roy! Very observant!

The spell-checker is something I'm putting together for corzblog, though I've no plans to release as a separate entity, if you really want to play with it, feel free to drop me a mail; I could send you something.


jds - 16.04.06 7:08 pm

I wanted bbcode for our commments, five minutes later we have bbcode!

Thank you!

mark - 21.04.06 8:53 am

<advert snipped -ed>

Red - 01.05.06 1:35 pm

Just wanted to say thanks for a great parser smiley for :D Saved me loads of time from making it myself ::love:::

Now I just need to go through it and figure out where to add my own smilies smiley for ;)

ss - 03.06.06 2:56 pm


Michael B. Parker - 05.06.06 3:50 am

THANKS FOR THE EFFORT! :-) Yours is 1st on Google as far as "HTML to BBCode" search.

However, THE html2bb DOESN'T SEEM TO WORK. For example, doing
Standard <b>bold</b>, <i>italics</i>.


Has the html2bb also been debugged? How to fix?
And any alternative html2bb programs or web-apps you can recommend? The 2nd google listing,, doesn't reliably either.

BTW, html2bb seems far more valuable since there are ton of WYSIWYG HTML editors out there, yet few BB editors, people (myself included) wanting to compose in a WYSIWYG, would then frequently need to subsequently go "HTML to BBCode". If you would be great (even more useful) if you put html2bb on the web - might increase your traffic dramatically.

-Mike Parker,

cor - 05.06.06 7:10 am

Thanks for the keywords Michael!

The html>>bb doesn't need debugged, it works great! I use it every day. If you post a comment here, include some tags, and then edit your comment, you will see. Perhaps you have an old version or something. Always grab the latest beta, as used right here.

The only known issue with the current version is back-slashes inside pre tags, you need to double them. (it's actually been fixed in my dev mirror version, but hasn't been packaged up yet)

And my traffic has been increasing quite enough! I've had to upgrade my hosting package twice this year already. smiley for :eek:

Grab the latest beta. I'll try and get around to packaging up my dev version this week, and swapping it in so there's only one download.



sebgymn - 06.06.06 6:31 pm

one little question:
how can i use the htmltobb parser? entering html code to the textarea, and hitting "preview", but it gives html! one plz help. tried thousand times but it only gave in html form. and i also tried in my local apache server but i cant create the post file. im a noob in php, forgive.

cor - 12.06.06 11:26 am

We are back!

sebgymn, as a php n00b, there are some things you need to know. Firstly, trying something over and over a thousand times is not a good strategy. If something doesn't work, it's generally means you will have to do something to get it to work. It's not like a torch, or an old Television set; banging it will have no magical effect.

Next, you need to think about what you are doing. The comments mechanism here at the org utilizes the "bbcode to html" side of cbparser's functionality, so clearly, entering only bbcode is useful. If you were to read my previous comment to Michael, you will see I suggested making a comment here, and then editing it. At the editing phase, the comments mechanism utilizes the "html to bbcode" functionality, only once, to convert your old comment back to bbcode in your edit area.

Lastly, crucially, you must realise that these are features of the comment facility, something quite separate from cbparser. It utilizes cbparser's functions, but exactly how it does it is up to the author; in the case of the comment mechanism, that is me; in the case of whatever *you* are trying to do, that is YOU.

Fortunately, I think of everything*, and if you simply drop cbparser into a server and load it in a web browser, you'll see its built-in demo page, which not only demonstrates at least one half of cbparser's capabilities, but serves as a working example of the php code required to get it working.

As a coder, you must decide how you want to use cbparser, but at the very simplest level, switching the demo's function call from bb2html() to html2bb() would do what you want, sorta.

I've also stuffed the thing with notes and comments, and as you are new to things, perhaps you didn't realise that those are there for good reason; read and learn. Always walk through any code you are unfamiliar with, do the steps in your mind as you go along; things will quickly make sense. (it's not smart to implement code you don't understand)

And if, after all that, you have any troubles with your implementation, feel free to post questions with specific examples, copies of any error messages, example code (use [ccc] tags), etc., and I guarantee I'll do my best to help you with that.

Have fun!


Well, between me and me brother, we think of everything.

Marc - 05.11.07 10:47 am

Very impressed by your work. I stumbled upon this while doing some quick research. There is a new Joomla forum component called Fireboard. It has a BBcode parser that is very lacking. I was wondering how would one go about replacing it with this one? I have NO knowledge of PHP coding but can manipulate things sometimes to get them to work. Can someone point me in the right direction on how to get this integrated?

cor - 05.11.07 4:24 pm

I vagualy remember looking at Joomla for someone a long time back, and coming away thinking that it was an unintuitive pile of dog poo. Undeterred, I grabbed the latest copy and threw it into my local mirror, it seems not much has changed.

Still, I like it when folk use cbparser to replace built-in bbcode parsers, so I grabbed this Fireboard extension, and installed that. And that's about as far as I got. I couldn't see how to to activate Fireboard inside Joomla and make it available, and ran out of time.

If you want to provide some more information, I could have another look.


ps. if you are just starting your site and don't code; there are lots of other CMS out there besides joomla (check out CMS Made Simple, for one).

Marc - 05.11.07 11:29 pm

When I saw this parser my jaw dropped. I had to have it. But my skills are non-existant so implementing it is beyond me.

As for making FB active you have to create a menu link like so
- Log in as admin
- Use the dropdown menu at the top of the page and choose the menu that I want to add the FireBoard Forum link into.
- Click on "New" from the toolbar.
- Click on "Components"
- Enter the Details:
--- name of your forum
--- the component you are linking to (in this case "Fireboard Forum")
--- where the link will be nested
--- who will be able to view your forum
--- publish it
- Click "Save" to finish.
I'm a mod on the Best OF Joomla Fireboard forum and if you think poorly of Joomla I can only IMAGINE what you would think of the coding of Fireboard. I think the file that holds interest is admin.fireboard.html.php.

I wish I could code. I would write my own forum or CMS.

Thanks for looking.

Marc - 05.11.07 11:40 pm

Also. Forget that file. It only LOOKED like something I could modify. Don't really know where to look past that. It's a mess in there.smiley for :aargh:

cor - 06.11.07 9:29 am

Gotcha. Okay, I threw joom back in again, and got it up and running, and yes, you're right; it's a mess in there! For starters; they are still using tables for layout! smiley for :eek:

It would be no small task to incorporate cbparser, though I can certainly see the need for a more comprehensive bbcode facility. With php, everything is doable, but to be honest, if it were my task, I'd probably write a forum component from scratch, rather than base it on someone else's old code; a-la fireboard.

If you still want to play with it, you will probably also need to also look inside..


and probably others. It's a bit scattered around. smiley for :roll:

I wish I could be more help, but even *with* loads of php experience, I wouldn't attempt it. TABLES!!!! smiley for :aargh:

I thought I was slack in the XHTML upgrade department! Because joomla has grown so big and complex, it would be a mammoth task to get it xhtml compliant and accessible; there's all sorts of legacy html stylings embedded right inside the php. It wouldn't be a "fun" job to remove it, and I'd be surprised if they ever did.

It's more than simply a difference in tags, it's a complete mindset, and coding for or inside Joomla would be dangerous for me; my frustration levels would be at max the whole time, and I'd likely end up trashing it, and writing a CMS from scratch.

But I already did that; is 100% hand-built, and cbparser is just one small part of the whole show, available individually, like most of the other parts; modular, self-contained programs that work together and slot together as and how needed.

I guess what I'm saying is, if you want something *just so*, then you GOTTA learn to code. So learn to code! Start simple. Maybe add a few new tags into Fireboard, or better yet; head down to my /engine, and download some php, get it into a decent text editor; there's notes.

Writing php is easy; that's why everyone does it. Writing secure, even beautiful php is quite another thing. Getting there can be a lot of fun, though.



Marc - 06.11.07 10:31 am

I told you it was bad but they ARE doing a total rewrite of the code. They made the mistake of building on top of a project that was "flawed" in the first place! Every mod they made to the code just made things worse. But thanks for pointing me in the right direction. I appreciate it. I'll learn this one way or the other. No getting around it. I'll check back in and let you know how I'm progressing.

cor - 06.11.07 1:34 pm

Marc said..
I told you it was bad but they ARE doing a total rewrite of the code. They made the mistake of building on top of a project that was "flawed" in the first place!

Yup, you can tell. It's always best to just rip out all that shit and start from scratch, I find. Props to the crew for taking on a rewrite; always a worthwhile endeavour; though in this case, probably a hellish one.

I look forward to the updates on your progress, here or elsewhere. It's always good to see someone getting into web coding; a powerfully enabling step to take.

All the best!


Hubble - 16.11.07 2:05 pm

Hi Cor,

First I want to say you parser is super! I love using it!
I have one problem with the code when I run it on my own desktop computer.
when I use special characters like: ë i get nothing back, the output is totally blank.

I use apache 2.2 and the newest php (also tried older versions).

Hope you can help! smiley for :)

cor - 16.11.07 2:27 pm

Hi Hubble.

It's temtping to jump in with a few potential solutions, but less valuable than first asking.. Have you consulted your php error log?

It's clear that cbparser can handle these characters fine (you just used one), so before I rip it apart, even load it in my text editor, I'll need to know things like; what operating system you are using, what version of cbparser, any log output, errors, is it running alone or embedded in some other page, and so on.

Also, when you say the output is totally blank, do you mean the entire page (i.e. it desn't load at all) or just the area where you expected to see html output from cbparser?

It's not possible to give me too much information!


Hubble - 16.11.07 4:02 pm

I'm running apache 2.2 with PHP Version 5.2.4 on a Windows XP desktop. Also using MySQL 5.0.

I've checked the error log from apache but it gives no error, I also tried debug error logging but it still was empty. I'm using the 1.2 parser version, but I had it with 1.0 too.
The page is not embedded. Everything on the page loads fine accept the part where the text parsed by the bbparser should be. I also have this all running on the web, but there it works fine. So it's a local problem.

When I remove the special character everything works well.


cor - 16.11.07 6:53 pm

Hmm. Is utf-8 enabled on the server, and in your local site? perhaps add this to the .htaccess..
php_value default_charset utf-8
A phpinfo() would let you know the current setting. Not that this should make the output blank.

I'm assuming your system has international language support, too. Not that you should need it for this. It's just a good thing! smiley for :D

Can you hack in and echo the output of these two variables..


.. to see what cbparser's error condition was? Pop it into the foot of the page or something (or run with my debug unit).

What bothers me is the lack of php errors. For cbparser to spit out NOTHING AT ALL takes a fairly error condition. And if that's the case, where's the php error log entry?

Is error logging even enabled? Can you produce another error? Any error? (i.e. intentionally, with another file, by adding some gibberish to its code) and actually physically see the error produced in your log? If your error log is empty, go make php add something, on purpose, to check all is working.

Trouble is, it's easy enough to disable all php error logging and error viewing and then not have a clue what's going on, because php won't tell you, if you tell it not to!


Hubble - 19.11.07 9:31 am

First thing I tried before changing anything was getting the warning message and state.
The warning message gave nothing but the state returned 5, xss attack or php injection...

My windows system is Dutch and has indeed international language support.

I'm going to try to get more out the logs... <edit-2> I have my php logging on ALL and Apache on DEBUG and the page just doesn't give any errors...
(The logs are not completely empty offcourse, the are lots of minor errors and they are all explainable and have nothing to do with the cbparser or this particular page.)

Can you tell me what that state: 5 means?

line 769 : $bb2html = preg_replace("/<\?(.*)\? ?>/is", "<strong>script-kiddie prank: <?\\1 ?></strong>", $bb2html);

I disabled line 769 to test what would happen, and I got this:

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 1726

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 1727

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 1727

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 1728

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 1729

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 1729

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 1732

Parse error: syntax error, unexpected $end in C:\Inetpub\wwwroot\Beuk Horeca\includes\cbparser.php on line 2185

<edit3> When I totally remove the lines, there errors are also gone again, it was probably because only half the line was disabled...</edit3>

- tried the htaccess. file with php_value default_charset utf-8
- tried adding AddDefaultCharset utf-8 to httpd.conf
- tried adding to php.ini
- mbstring.language = Neutral; Set default language to Neutral(UTF-8) (default)
- mbstring.internal_encoding = UTF-8 ; Set internal encoding to UTF-8
- mbstring.encoding_translation = On
- mbstring.http_output = UTF-8 ; Set HTTP output encoding to UTF-8

all no success... smiley for :erm:

Thanks for all the help, by the way!


cor - 20.11.07 1:50 pm

Hmm. Error 5 is just what it says on the can (and in the notes at the top of cbparser); script-kiddie attack. Though clearly that's not the real issue here, as you aren't trying to input dodgy javascript or php into the textarea, I presume.

I don't know what version you are running; those line numbers lead to the demo text! You can delete ALL that; it's just for the demo here at, really.

One thing that springs to mind is slashes. Everywhere cbparser has been working and developed has had magic quotes enabled..
php_flag magic_quotes_gpc on
and I do remember noting somewhere that behaviour with it disabled (very rare) was "unpredictable", though I'm in no hurry to look into this, you might want to.

Also, did you try disabling xss protection?


ps. also, check your editor isn't messing with the file; use a good plain text editor, and ensure characters aren't getting left outside the php tags.

Hubble - 21.11.07 10:21 am

The magic quotes we're off, so I turned it on, but it didn't help. I tried turning of the xss, this still gave no output and the state became 0. I was using the 1.2 parser and also tried yout beta. 1.2.1.

I think I will remove the php engine and reïnstall it to see if my setup might be causing it.


Hubble - 21.11.07 11:18 am

I deïnstalled php and apache and removed all files left behind, reïnstalled apache 2.2.6. and php 5.2.5.

The problem is still there, I also uploaded my site to our domain to test it and it works fine online (just to make sure)

If I put in my page:
echo bb2html("øøøøøø",'');
I receive the error: there was no text!

Apache does give an error now but it also gives it when the text has no special character and thus the page parses good;
[Wed Nov 21 11:55:04 2007] [error] [client] PHP Warning:  htmlentities() 
[<a href='function.htmlentities'>function.htmlentities</a>]: Invalid multibyte sequence in argument in 
D:\my web\includes\cbparser.php on line 545, referer:

Because it works online perfectly and it's only occuring on my system I think we shouldn't pay much attention to it, maybe a clean install we resolve it.

Thanks for all the help anyway.


cor - 21.11.07 11:51 am

Och well. You might want to try..

= htmlentities($bb2html, ENT_NOQUOTES); ?>

note, no utf-8. I've seen that throw up errors before, but php usually carries on gracefully.

It is a pain when things don't work. I haven't seen this sort of trouble with cbparser before; it sure is used in a lot of places, inside various CMS and all sorts, so I'm guessing you've got something local going on. I wish I could be more help in pinning it down.

The next time I dive into cbparser, will probably be a ground-up rewrite, so I'm leaving it well alone for now!

for now..


Sony AK - 17.02.08 5:02 pm

Dear bbcode creator,
I'm using your script for my wap site http://m.mobitrek .com/ (using XHMTL mobile spec) on some occasion your script is running well, but when user type wrong ordered tag, then it produces error, the tag sample is like this haha then it will error, can u add some tag order check before?


Sony AK

amir - 26.02.08 4:56 pm


can u plz post an installation guide? cuz i'm all messed up and i just couldn't install this usefull editor...

many thanks!

cor - 28.02.08 11:21 am

Sony AK, cbparser will check for certain things, unclosed tags and such, but it won't teach people the basic concepts of bbcode. Your example works just fine. Feel free to drop an example that doesn't work, I'll get a better idea of exactly what you mean.

amir, throw the script into a text editor - voluminous notes and instructions are provided within. You should be in there setting your prefs, anyway.

Never run a script without first studying its contents!!!


Mike - 20.04.08 7:36 pm

Really nice job, I've been doing php for about 2 years now and have been looking for a bb parser to same time as I do not have the patience to build one smiley for :). This is really nice, I was using simplebb before but it just didn't cut it. Thanks for the parser.

Mike - 20.04.08 8:06 pm

Couldn't seem to edit my prev comment, anyways this site has a fast load time yet when i run the file on my server it seems to take for ever. Any suggestions?

cor - 23.04.08 3:12 pm

Your (editing) session runs out after a while; you only get so long.

As for cbparser, I can't think of anything off-hand, that would make it slow on your server - it runs on some *very* slow machines with no problems, and there's no reason it shouldn't.

Check your php error log. Maybe there's something up.


cor - 23.04.08 3:19 pm

I see what you mean about editing on this page! That's new! smiley for :eek:
I'll have a look into that.


ps. it was my spell-checker. smiley for :roll:

Gary Glass - 24.04.08 1:49 am

I've been trying to get a bbcode wysiwyg working on a Fireboard forum. TinyMCE's bbcode plugin is pretty buggy. But the HTML version seems to be better. So I thought I would use your component to convert the HTML submitted from TinyMCE's editor to bbcode. Here's the first thing I tried:

<p><a href=\"\">link</a></p>

And using your unmodified cbparser, I got this result:
<p><a href="">link</a></p>
<p>normal</p><pre>string(137) "<p>[b]bold[/b]</p><p>[i]ital[/i]</p><p><a href="">link[/url]</p>

As you can see, the p's, and blockquote's didn't convert at all. The closing A tag did, but not the opening tag. Advice?

cor - 24.04.08 7:43 am

cbparser can convert its own xhtml to bbcode, but as for anyone else's tag soup, forget it! If you use cbparser to create the xhtml, it will work fine.


Scott - 02.06.08 9:55 pm

First and foremost thanks a lot for this parser and so far I am truly impressed.

Second thing is that i am using YUI and was wondering if you would know that the html generated from that would be fully compliant with cbparser. meaning that the Yahoo GUI editor would produce HTML that would be easily converted to BBCODE using your code.

Thanks a lot

cor - 17.06.08 4:58 pm

Aha! The comments are back for this page! A sticky bug in the new comment thing/pajamas marriage. All better now.

Scott, see my previous post.

Having said that, there is more I could do to make cbparser convert "any old HTML" into valid bbcode tags. It's already a unique and funky feature, it seems smart to make the most of it, extend it. I've had a few emails along similar lines, too, so I'll maybe have a look into this.

for now..


numstruck - 14.11.08 10:17 pm

Hi (or

This looks amazing, but I'm lost.

I want to add a page to my site with a comment form like this that will use tables and boxes and all of your awesome srcipting.

But I have no idea how to do it, I downloaded your parser, then uploaded it to my host,
and all I get is this exact same page...WITHOUT a comment form.

I don't want the demo page, I just want this exact same form I am typing in...on my page, but every link leads to /blog/inc/... none of which are included in the download.

I know I need /comments.php somehow, I'm just not sure how to do it, I have tried viewing the sources, and I know I need some sort of form fields...and I have read thru the parser comments...but I just don't understand the syntax for do_bb_form string, gui creation, include POST variables etc. etc. etc.

I guess what I am asking is, am I missing some easy step to insert this useful script on one of my pages?
I'm not a total n00b to php, I have learned enough to build the rest of my site, but this just seems to be out of my league...and I really would like to use this.

Please help, I've included my email, and I will gladly link back to your site.

cor - 15.11.08 5:25 am

Hey numstruck! Remember, cbparser is no more than a module to convert bbcode to xhtml and back.

However, cbparser also has the capability to draw funky forms and more, and that might be what is confusing you into thinking that it can do "everything". Almost, but not quite. You're right, you need a "comments.php".

Inside the distribution, is a folder called "examples", and in there, a script called "". Without too much messing around, that could be hacked into a simple comment facility.

Just like in cbparser.php, you'll need to adjust the preferences. I happen to keep my copy of cbparser (one copy is enough to run all the forms and tools on the site) inside /blog/inc/, though feel free to keep yours wherever you like.

Inside the example script, there's a section of code, something like..

if (isset($_POST['preview'])) { etc... 

You could add your own section, checking not for 'preview', but 'publish' (meaning someone pressed that button on the form). Your section of code would grab the string they posted, and write it to a file. You could display (include()) that file at the top of the page (a-la "previous comments"). And so on.

In fact, as you are not the first to ask for such a thing, by any means, and as it's a fine Saturday morning task, I have gone ahead and done all this, as well as a few other edits, zipped the whole thing up for your learning and amusement, and hopefully, hacking. You can grab that, here..

Full documentation is included in the script, though if you have any comments or questions about it, feel free to drop them here.

Have fun!


p.s. the "tables" aren't tables, they only look that way.

numstruck - 15.11.08 6:43 am


That is exactly what I wanted.

I hope your weekend is filled with happiness.

an image

are perfect
for what I need.

genius, pure genius.
include 2thumbsup smilie here

I hope I can figure out how to add a NAME field...

cor - 15.11.08 8:58 am

I'm glad you like it! All donations warmly accepted! smiley for ;)

I picked up your love-pulse a wee while back, thanks, I was in the middle of something at the time. As mentioned, you're not the first to hint that such an example would be useful. I think I was leaving it "as an exercise", or something, but that can be frustrating when you are completely unfamiliar with cbparser's comprehensive feature set. Thanks for giving me a nudge to do it. A working comments example was long overdue.

For greater insight into cbparser's auto-form capabilities, compare the do_bb_form() call in the two example scripts. I didn't make many changes, and bang! Instant comments!

I'll no doubt add it to the next cbparser distro. By the way, you can send an id via the do_bb_form() function, maybe preferable to a NAME. Or hack whatever you like directly into cbparser.php (search for <form).

May your own weekend be joyful!


numstruck - 16.11.08 4:54 am

Hmmm, well I got it incorporated into my page, (never could figure out the name thing),
just one small problem, if you refresh the page after posting, it posts again, and again. smiley for :eek:

It doesn't seem logical since the text field is blank.. any suggestions how I could stop that?
(I know people will try to use it as a chatbox, and be hitting refresh ad nauseum...)

Other than that I am thoroughly impressed, it looks great with my page colors and layout too.

an image

cor - 16.11.08 6:29 pm

My mistake was in adding the capability to have the script wipe the text field after a successful comment. I should have left *everything* as an exercise! It might not seem logical, but if you refresh a page like that, you are sending the previous request, again.

As it says within the notes, the comment example script lacks all the security and finesse of a full-blown comment facility (like the one we are using here), things like refresh-protection are still left as "an exercise". For a real, live comment facility, you would need to add quite a few things. For the refresh issue, though, I can suggest a couple of possible approaches..

You could interrogate the existing comments file. I included the facility to have html automatically inserted before and after each comment, so that's two known markers you can use to split the comment file into an array of individual entries (e.g. "<div class="comment">… " add more specific markers, as required), and from there, pluck out the user's text to compare with what's being posted. If they match, ignore the new post.

Or else, if everything went okay and the comment got written, present the user with a temporary page (as these comments do) where all the request variables can be flushed, and after a few seconds, the script redirects automatically back to a clean URL of itself.

Or something else.

As for your NAME property. Firstly, check you really do need to use a NAME property, and that an id wouldn't do just as well, if not better. If it will, then note you can send the id you want to give to your form from within the do_bb_form() function, so you never have to hack cbparser itself.

If you really do need to add a NAME property to your form, simply open cbparser in a text editor, do a search for "<form", and you'll see the part where cbparser spits out the form, add your NAME="whatever", right there. It won't affect cbparser's operation, though it may affect your page's validation, which may or may not matter to you.

Pretty much anything is possible, with a little imagination, and some work.

Looking good, so far!


numstruck - 16.11.08 9:26 pm

I think an id field will work fine... but I am a little confused about how to make
a the script present a temp page and then flush all the request variables.
(I can make an index page with an empty main <div>, just not sure about the rest)

I guess I really am a n00b to php. Sorry for the endless questions.

My biggest problem is using a free host, so I have to upload every test page.
Then when that doesn't work, delete them and start all over again...frustrating.

I have found plenty of other plain-jane comment scripts, but none compare to this.
Even more frustrating is knowing that someone like you could fix it in 5 minutes.smiley for :lol:

Oh well, I will keep hacking away and when I'm ready to smash my PC I'll come back
and beg and plead one more time, or give up and use some generic chat script.smiley for :erm:

At any rate, thanks for all your time, I've learned several things about php, css
and you have helped me regardless if the script works eventually or not.

Cheers and Regards,
an imagean imagean image

cor - 17.11.08 2:09 pm

Firstly, don't let your host get you down. If you are serious about making web sites, setup Apache on a local machine, and do all this stuff on a "development mirror". Creating back-end code on a live site isn't recommended.

If you want to know more about running a web server, check out the /serv/ part of this site.

While I'm here, one simple solution to your refresh problem, and in a lot less than five minutes..

header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);

Put that directly under the write_data(...) call, and the problem is solved; the page up to that point becomes your "temporary page" (it doesn't need to output anything!), and then php spits out a "Location" header which sends the browser to the new location (which just so happens to be the same location, except "fresh", without any user form data).


Note: For this to work, you would need to ensure that no data has been sent to the browser before the header() is sent.


p.s. I'll add this capability to the example script the next time I'm in there.

numstruck - 17.11.08 4:58 pm

Yuppers, worked perfect.
Again, (sigh), thank you so much.

Actually, I have downloaded Apache, and the latest PHP and MySQL, I have been searching for information on different things
I've read a few horror stories, so I've been putting off installing it all.

I want to understand it all enough to be sure I don't become a "server". smiley for :blank:
I've learned that I usually know just enough to be dangerous ( think regedit )
Add to that the fact that I am an alcoholic who has scrambled his brain with
45 years of a smörgåsbord drugs... well, you get the picture.

I'm sure there is some simple .htaccess trick to insure I never send any files
out into the world, but that is just one more subject that I need to learn.
So between learning html, css, php, mysql... eh, I'm sure you find this all
fascinating, but I have used up plenty of your time and ink already.

I did grab a copy of your remarkable distro machine...and copied the .htaccess tut.

Thanks again for the help, (and for suggesting EditPlus, what an awesome app)

an image

EDIT: Just in case you want to waste more time on me, I would also like to limit
the number of comments to say 30 - 50, so only the newest ones were shown, and
any older ones would simply be deleted...if that makes any sense at all.

cor - 18.11.08 12:01 pm

Hello again.

I don't think it's a waste, not if we are learning stuff. And who knows, your site may get huge, and you may even make a donation! smiley for ;)

The .htaccess "trick" that will prevent you from sharing your server with the world goes something like this..
deny from all
allow from
replace "" with whatever IP your client machine uses ( is fine if it's the same machine that Apache is running on). Having said that, it's probably easier to simply not allow access through your router/gateway.

As for your "show recent comments only"; firstly, are you sure you want to delete the old comments? Why not just keep them? Plain text doesn't take up a lot of space, and you would prevent pissing people off, destroying their work. Nomatter how trivial it might seem, time spent is time spent.

As to how to achieve the effect, there are a number of ways you could approach this. Personally, I would load the entire file into a string (you never have to worry about strings being "too big" with php). Then explode() it into an array of comments. Then remove all but the most recent x number of comments, and spit out what's left. The code for that would go something like this (replacing the include() command)..

//@include ($data_file);
$comment_page file_get_contents($data_file);
$comment_array explode('<div class="comment">'$comment_page);
if (
count($comment_array) > 30) {
$comment_array array_slice($comment_array, -30);  // show 30 most recent comments
$recent_comments implode('<div class="comment">'$comment_array);
'<div class="comment">',$recent_comments;
} else {

Some of that could be combined, made smaller, but I left it as-is because it's clearer. It basically does exactly what I just described, loading the file into a string, exploding that string into an array of posts, chopping off all but the most recent x posts, and then imploding it back into a string (using the same string of text we used to explode it in the first place). And finally, echoing the new string out as "recent comments", preceded by the string, '<div class="comment">', which was lost during the conversion.

The code will first check that the number of comments exceeds the preferred amount-per-page, and only kicks-in if that is the case. Otherwise it simply spits out the string. This will prevent validation errors with extra '<div class="comment">' strings being prepended to the comments when there was no processing done.

I'll add something like this into the example. See! While we're at it, we're making a rather good little comment script! Nothing is wasted!.

Have fun!


numstruck - 18.11.08 7:20 pm

I added this, replacing the @include ($data_file); section on my page,
but now it posts everything twice and gives a (can't send headers warning)...

do I need to delete the echo $converted;, command just below it,

or would I change this...
write_data($data_file, $comment_pre.$converted.$comment_post);
to something like this...
write_data($recent_comments, $comment_pre.$converted.$comment_post);

or am I completely looking in the wrong direction?

I guess I should explain that instead of using the simple-comments.php page,
I cut out all of the code and pasted it in an empty main <div> on an index page.
(I also added most of your css to mine, so the page has all of my colors and layout)
It all works perfectly until this last change, so I am just not pasting this right,
or in the right place.

What I really like about this solution is that I could easily make an index2 page,
(without this block of code added), and add a link to "show all comments"...
as soon as they clicked any link it would default back to the index page again.

I'm beginning to see that installing apache and php is almost a necessity, I could
waste hours uploading dozens of test pages and still never find a solution.

I should just wait until you post the new examples...heck, since all of your
other apps are in the realm of perfection, (and you have already started on it)
you should just go ahead and add all the security and finesse of this one.
...or at least the bits that could be easily incorporated.

I know after days of searching dozens of scripting sites that a good comment script
is next to impossible to find, they are either a complete 'stand-alone' program,
or a bloated package of content management, neither of which can be easily added
to an existing page layout. So I think your script could be very useful and popular.

It already is better than anything else I have found...
an image

cor - 18.11.08 7:26 pm

Interestingly, as you were posting that, I was adding all these ideas, and others, into the example script! check it out..

while I read your post properly..


cor - 18.11.08 7:35 pm

smiley for :lol:

Well, I did exactly as you (were going to) ask! First, the "show only recent comments". You can set any number there, or 0, to have it always show all comments.

There's also an optional link; in fact, it's two links, that change automatically; either "show all comments", or "show only recent comments", depending on the current state. I used a simple $_GET variable for that, either it's set or it's not. It won't interfere with the form in any way, either.

I dunno how embeddable this is (is that a word?), but it's a simple enough design (though with cbparser in the mix, also quite feature-packed!), it should be easy enough to get it to play nice with most any standards compliant page. I would work backwards, pasting your index page into the comments script, simply replace my headers and such with your own content. I even have a php comment to show where the footer goes!

Or if your page is large and/or complex, simply remove the header parts from the example script, and paste everything else into your page. Or something like that; shouldn't be too tricky. The comment facility here at the org is designed to be "included" inside other pages, the example script simply does its own headers and such so that it works as a stand-alone demo - remove that stuff, and you're good to go.

But if you do have problems at this stage, feel free mail me a copy of your page (before and after you've added the comments code) and I'll take a look at it for you.

I might look into providing some kind of simple switch inside the comment script to have it stand-alone or embedded (like corzoogle and the distro machine have), we'll see. I don't want to make it *too* good, though. One day, I do plan to put out my own comment script, the one we are using here. But there's still a few things I'd like it to do before it goes public, and I've not been in any great hurry, imagining that there must already be zillions of capable comments script out there. But after reading your comments, I might have to re-think this and get a move-on!

Hopefully this wee example script will keep you going in the meantime.


p.s. YES! Install Apache. Do it now!

[edit]I went back in and enabled embedding. It's not an option, it just happens automatically, the script switching to stand-alone or embedded mode, as required, easily done. You could even access it both ways at once. Plus a few other wee improvements. If something like this really is needed, then here it is![/edit]

numstruck - 19.11.08 1:37 am


Sorry it took me so long to reply, I had downloaded the first script, had a
million problems...(again with the can't send headers errors. So like a fool
I tried hacking the parser itself...not a good plan. Then I deleted everything and
went back to the last version before the refresh script, it all worked again, so I
was coming back to ask how I might fix it...and shazam, you already have.
I downloaded the newest script, and it works like a finely crafted swiss timepiece.

Now some may think it is too much time to waste on a simple comment script, but I
think it is the little details that make a site worth returning to again and again.
Besides, I know many people will use it as a default chatroom, message board thingy.
(so for my site anyway, the refresh problem was key) and all the other features.

Tables, drop-caps, spans, boxes, references, formatting, colored code, smilies, lists,
headers, mail-mashing, anchors, floats, nesting, symbols, even a damn preview...


Thank You, Thank You, Thank You
an image

Interesting effect, spanning an image with a box... smiley for :lol:
PS - as soon as I have a few spare drachmas I will send them your way

numstruck - 19.11.08 5:25 am

FYI - on your bbtags page you say to add any examples that you're missing,
but there is no PUBLISH button, only a preview here they are...

They are the 2 animated tags, blink and scroll (or marquee actually)
[blink] [/blink]

[marquee] [/marquee]

With the proper modifiers scroll can be faster or slower, l-r, r-l, or even delayed.
<marquee direction='left' behaviour='scroll' scrollamount='4' scrolldelay='3'>

Just thought you might find them interesting or useful...or amusing if nothing else.smiley for :D

Another fascinating tidbit...color tags won't work inside of blink tags smiley for :roll:

an image

cor - 19.11.08 6:50 am

Haha! No, there are no such tags! What you have discovered, is "InfiniTags™", which basically enables you to construct bbcode tags on-the-fly, and have cbparser convert them to XHTML, or in this case, HTML. cbparser is filled with such hidden wonders!

Some tags you might create on-the-fly could be valid XHTML, but those definitely aren't, which is the main reason cbparser doesn't have them built-in. You can do BLINK in css and still have valid pages, I do this elsewhere on-site - but generally it's a tag folk avoid, with good reason!

By the way, there used to a "publish" button on the bbtags page, but it was getting out of hand, and folk kept posting tech questions about cbparser there, instead of here, so I just switched it to preview-only. There's a mail link for missing tags, now. I think I have them all, though.

I'm glad you like the comment script. Even though it's small, it's very capable; and with automatic embedding and such, highly usable; drop-in-and-go. It will be interesting to see where it pops up.

Thanks for the feedback!


numstruck - 19.11.08 6:32 pm

Well, I didn't exactly just discover them, I have used both for many years.
All of my old gallery pages had/have scrolling NO REPOST headers.
(which is why I knew you could used direction, speed, behavior, and delay modifiers)

They are deprecated now, but then so is the font tag, and millions use it regardless.
I don't really see any advantage of validating pages anyway, and have never bothered.
The validators themselves may be useful for finding errors in your code, but unless
you are creating websites for a customer who insists on valid pages, what is the appeal?
The most popular browser in the world, (micromush IE), isn't standards compliant anyway.

I have read a few debates on the subject, and they usually justify the validation with -
" the future...", which seems particularly humorous given IE's 15 year refusal to
adopt the standards compliant modes of all other modern browsers. (FireFox, OPERA, etc.)

But what really has me curious is, you say people avoid the tags "with good reason"
since I already know you are extremely web savvy, your opinion holds good weight.
I use both of these tags, (in html pages), on dozens of sites, and the blink tag will
work even in forums and shoutboxes. So what would be the point of avoiding using it?
... or deleting the examples for that matter. Not criticizing mind you, just curious.
I can see maybe changing the scroll since I hotlinked one of your own smilies, but
that still wouldn't explain deleting the blinking example...

On another subject, I finally had a chance to browse around the rest of you site here,
and of course discovered even more of your remarkable collection of assorted goodies.
Your blog is an especially fascinating read, I wish I had more time for the archives.
Anyhoo, I have used up enough ink for now, cheers and regards,

an image

cor - 19.11.08 8:53 pm

Oh, I could tell you had plenty of experience with the marquee tag! The discovery I was referring to, was InfiniTags™, which enables you to make up tags on-the-spot, even tags which are not built-in to cbparser. You see? You can even use [font]!

But if you do, I'll edit your post afterwards, and switch it for a valid css statement! Please don't take the deletions personally, I regularly delete whole posts, if I think they add nothing to the site and/or are pointless, or just because. I figured your point was well made without actual smileys scrolling across the page! Like lots of people, I find things flashing and moving on web pages quite distracting, which is why I earlier said, with good reason.

As I implied, you can still do perfectly valid blinking with CSS, and I do use it myself on the voyager router pages, once, where I want to REALLY grab their attention. I don't condemn its use, but I wouldn't encourage it, either. It all depends on the site and its content. In a fun chat page, loads of blinking isn't so bad. I generally associate blinking text with Religio-Jesus Sites.

As for XHTML and page validation; the biggest reason, for me, is that I can create simple, lightweight, easy-to-edit pages that are guaranteed to render in any standards-compliant device. More and more this is becoming important, even crucial, as web browsing is less and less something we do only on the desktop.

Most HTML4 is a soup of half-standard-compliant, half-proprietary tags, a confusing mess which is a very real challenge to render on a memory-starved, or CPU-starved device, as many smaller devices are. A device designed to go into, for example, space, isn't going to have gobs of spare memory and cpu capacity; it will be designed to be as efficient as possible, to use as little power as possible. Using less power is, of course, generally a good thing on Earth, too.

The XHTML+CSS model follows this design ethic by having a relatively small number of tags, which is therefor easy to parse, and easy to render. Moving style out of the content, and into included style sheets, again, creates a more efficient structure, geared towards rendering simplicity. Simplicity is good, not only because it makes working on your pages a helluva lot easier, it makes life for the browser easier, too.

IE might not be standards-compliant, per-se, but it is, up to a point, capable of rendering a simple standards-compliant page, and continuously improving in that area, but like most desktop browsers; Opera, Firefox, and so on, can also render pretty much any code, work around most errors to produce a highly readable page from any old jumble of HTML, but that's definitely not true of every platform, or every environment, right now.

For starters, spiders like simple, valid pages. If you want to have pages that are guaranteed to be spidered effectively, validation is a must. When I switched over to XHTML and started validating, I got an across-the-board hike in my Google rankings. And Google is one of the most advanced web bots in the world. Think about it; valid pages makes for better search engine rankings, even with Google - Like most desktop browsers, Google is expert at seeing through webmaster errors. Most bots are brain-dead by comparison..

Yes, Firefox et-al, will be spot that Oops! you forgot to close a div, and will correct this for you, visually. But unless you validate your page, you won't know about it. Then, along comes "SomeBot", which like all bots, sees your page as no more than one big string of text. Sadly, it isn't Firefox-in-a-bot, and so doesn't realize that you actually meant to close that div, and treats the rest of your page as div properties, ignores it. Same goes for wap-converter gateways trying to parse your content for cell phones, TV set-top browsers, etc.

If you install the Firefox "TIDY" plugin, you can see at-a-glance if a particular page is valid - if not, a big red X catches your eye. Be warned, though; if you do install it, and someone posts a <font> tag, or similar deprecated tag on your page*, you will have an almost uncontrollable urge to go in and switch it for a css class! smiley for :lol: Same goes for other deprecated tags!

As well as spiders (which make up a sizable proportion of modern web traffic), web content, in general, is more and more being scraped and utilized in a variety of unforeseen ways. Simple, standards-compliant, valid pages make this process relatively painless, and you may find your site being enjoyed and promoted in all sorts of places, on all sorts of interesting devices.

The shift to XHTML as the de-facto standard web language importantly signals a shift in our working style, the beginnings of discipline in our web coding. Sure, a lot of the design principles of strict XHTML + CSS, you could also adopt with regular HTML4+CSS, but people just don't. Old habits die hard.

Beginning (again) with XHTML is a chance to free ourselves from old-school limited (and limiting) thinking; layout with tables, styling with endless font tags, and so on - and thereby unleash our imaginations. Thinking back to when I used to have to edit these pages, it gives me the shivvers! Even trying to locate sections gave me a headache.

And don't forget screen-readers for the visually impaired. smiley for :ken:

Anyhoo, those are the main reasons I stand at this side of the HTML Vs XHTML debate**.

I seem to have gone off on one!

Glad you liked the blog; I recommend the archives on one of those hazy mornings after a party or gig. Let it wash over the mind. And never forget; just because it validates, doesn't mean it's valid!


If you still use HTML4 (or 3!) pages then the old tags not deprecated. Only if you have upgraded your pages to XHTML are they no longer valid. The blink tag was never valid, by the way; it's a proprietary Netscape tag. Marquee was Microsoft, I think. Other browsers and web entities may or may not recognize and implement them. And that's what was so wrong with non-standard tags.

** And don't get me started on the pure benefits of coding in XHTML. Not just design clarity and ease of editing, but extensibility; the ability to throw in other kinds of markup, even define namespaces and incorporate totally new kinds of markup at will. And don't forget automatic XML document conversion, so you could deliver your stuff as PDF, or SVG, and more, much more. The future is NOW!

numstruck - 20.11.08 8:21 pm

Hmmm, a very thorough explanation.

I suppose my problem is that my target audience is never going to be pda's or webTV,
they aren't going to be using screen-readers or browsing from outer space.

99.9% of them will be using OPERA or FireFox, and would think XML was a porno site.

Likewise, I'm not interested in ranks or SEO, in fact I hope to ban spiders completely.
(The last thing I need is web-crawlers using my limited free bandwidth)

It actually seems strange to me that something as useful as marquee would not be
included in web standards, even my digital watch can scroll numbers on the screen.
I suspect it has more to do with pushing technology like flash and java applets that
waste gigabytes of bandwidth and that the average user has no idea how to control.

It's a matter of perspective I guess, some say the web is becoming more "user friendly"
I say just the opposite is true. But I am admittedly biased, I think flash and java
are really nothing more than legal viruses, and most websites are only concerned with
advertising and tracking the users who visit them.

Sites like yours do give me some hope tho, not only offering free software and downloads,
but also giving advice and interacting with the people who wish to use that software.
I'm sure there are many in the industry who would happily see sites like this disappear,
along with all of the P2P, torrents, warez, hackers, crackers, tech-forums, security &
proxy sites, free file hosts, picture sharing sites, you-tube rippers, and a miriad of
other free and useful sites, forums and applications.

They would happily see the day that you first pay for a PC, then pay for a browser, then
pay for an ISP, then pay for every MB of bandwidth, then pay for the speed at which you
use that bandwidth, then pay for every application and program you use once you are
connected, then pay for any content you view, and pay again if you wish to save it. smiley for :roll:

But that day isn't here yet, and I hope my site will push it further into the future.

Time to fly, almost out of ink again...

an image

numstruck - 03.12.08 8:48 am

Hey Again,

I wonder if you might help me with a piece of code driving me insane...
I have installed a flat-file forum, and it doesn't display hotlinked thumbs.

In fact all of the "code" tags are basic html like <code> and <strong>
I checked their help forum and found this...

Open function_list.php and find function basic_html. It starts around line 680. Anywhere in that function, paste this:

preg_replace("#\<img\>(.*?)\</img\>#si",'<img src="\1" />',$text);

Then just enclose your images in <img> tags

It will work fine that way...
But what I really want is for it to turn something like this...


into a hotlinked thumbnail like..

<a href="" target=_blank><img src=""></a>

I have tried everything, can you help?
I just don't seem to be able to come up with the correct stringsmiley for :erm:

cor - 03.12.08 3:51 pm

Ahhh.. thanks for reminding me about that old section of code I meant to comment-out (or better yet, optionalize) in cbparser, the one where it slips into "legacy mode" during the html2bb() function when it discovers deprecated strings, like target=; makes it almost impossible to edit modern posts!

As to your issue, WTF? This has nothing to do with cbparser! Am I your free tech-dude now, or what? smiley for :lol:

Actually, it does have something to do with cbparser, because here's my answer; bypass that shoddy code, and use cbparser, instead. Really. It would be an easy project.


I'll have to have a rake in the post-dump log and see if I can fish it out. I could have sworn I posted it, but perhaps not. I remember being slightly intoxicated at the time. smiley for :roll: There was some server trouble recently, so there's no guarantee that particular log is still around, but I'll look, I promise.

Back to your [IMG] tags and such; I deduced that you are using Silentum message board. Why not drop into their forum and suggest; in the nicest possible way, of course; that their posting system is complete shite, and perhaps they should consider plugging in something like, oh, I dunno … cbparser? Or if that doesn't appeal to them, maybe just cooking up some basic bbcode themselves.

If they bite, simply wait for the update. If they don't, or you don't want to wait, plug in cbparser for yourself.



p.s. that's not a hot-link, this is a hot-link.

numstruck - 03.12.08 8:01 pm

Not sure where your reply went... I have that problem a LOT when I'm a "slightly intoxicated"

You deduce correctly that it is silentium board, and
Yeah, I know the post wasn't really about cbparser, but honestly, I figured you might have a solution.
Sorry for acting like you are free tech-support, it is just really hard to find someone to ask sh!t like this.

I have been to their forum, but even old questions go unanswered, I think the place is basically a ghostown.

Plugging in cbparser would be my dream come true solution, unfortunately I am totally clueless how to even begin.
I struggle with even simple rewrite rules like the one above, modifying the entire forum is out of my league.

On the bright side, they do give their permission to change "anything" in their README file.
So if you have time to explain how I might do it, (or waste five minutes and do it for me), I would be a very happy camper.

Heck, you already have the parser and the awesome comment script, you should just add a forum to your suite of offerings.
I bet you could make a forum script in no time that would be 100 times better anyway.
Finding a flat-file forum is as impossible as finding a decent comment script...

Cheers and Regards,
an image

PS - I probably wasn't clear about the hotlink thing, what I want is for people to be
able to post the regular forum code for thumbnails from sites like Imagevenue etc.
the codes that begin with [url= and have them display correctly as hotlinked thumbs.
EDIT: I just tested it with preview...cbparser doesn't display them either :(

cor - 04.12.08 3:44 pm

Aha! Here it is..

I said (slurred)..
The marquee is a proprietary tag. Microsoft thought it was a neat idea, and then implemented it in Internet Explorer (they assumed everyone used IE). I'm sure there are instances where it could be useful and effective on certain sites, but that's not the real issue.

I don't like to see flash in web pages, and don't use Java on-site, either, but these aren't the technologies behind the demise of these tags. The problem with proprietary tags is that, as a designer, you don't know a) if they will be supported by some other browser, and b) even if they are supported, there's no guarantee they will look anything like what you intended. This is bad for web designers and users alike. The problem with the marquee tag (and blink tag), in particular, is that it's almost universally hated. Really, lots of people find that stuff annoying. And some people simply can't read moving text.

The other problem was that back in the IE Vs Netscape days, with limited tags and unclear web standards, both crews were adding new tags every other day. Some tags were good, and were grudgingly adopted by the other side, many were not. But in reality, most modern desktop browsers support both blink and marquee tags these days, so as long as you don't mind about breaking standards, and annoying a few people (with no SEO, it will be a clique), feel free!

Designing to web standards means that, theoretically, I can create a page, and know, with a fair amount of certainty, that it will look a particular way, on all browsers. Actually, in practice, too - I was surprised, the last time I visited, by how remarkably similar looks on dozens of different browsers. This is definitely a good thing, and something that just wasn't possible a few years back. I keep things pretty simple; probably also has something to do with it.

Now to the money: Aside from the bandwidth (which should be unlimited and free, once connected), I think we *should* pay for everything else. Sadly, the free culture of the internet has made it extremely difficult for small developers to carve out a living - folk are so used to getting even the most expensive software for free. I love free stuff. I want software, and information, and everything that can be free, to be free. But I also want to put some money where it's due, reward good, hard work; that's how economies work.

As in many industries; TV and film, music and such, software companies have charged extortionate rates for their products. That software could cost tens of thousands of pounds is absurd. So your average guy isn't going to pay that for a program, or twenty bucks for an album; he gets a keygen, makes a tape, burns a disc, or whatever. He knows that Adobe are raking it in from corporate licensing, and sees nothing wrong with using Photoshop gratis. I don't use such apps, but I do tend to agree.

But when he applies the same thinking to those beautiful hand-crafted tool, such as one might find here at the org, he literally takes the food out of someone's mouth. For example, checksum, my best-of-class hashing app isn't the collective work of ten thousand volunteers all donating chunks of code, or the endeavours of a team of salaried software engineers; it's me, and hundreds of hours of my time, creating, conceiving, coding, web-designing, answering emails, tech support, comments, and so on; given for free. With a more balanced view of the worth of things in the net populace, people like me could actually make a living doing what we do best. If could have spent those hours working for a client, or employer, but then none of this would exist, and the Microsoft's of the world have won.

I'll carry on regardless, but aware that due to lack of consideration on the part of my guests, something's always gonna have to give. I've had to switch the comments off on many of my articles here because they were simply taking up so much time, and for no money, at all. I'm highly skilled, many say talented and more, and yet I don't even make a fraction of minimum wage from this site. If even 1% of my visitors donated just 10p, I could devote 100% of my time to putting work up here, as well as upgrade all my hardware, and have change!

One day, musicians will sell their music directly to their listeners; chat with them, get real. The prices will be way more real than now, too, and with the useless middle-third out of the equation, we'll get true, unfettered creativity from artists.

Obviously, I'm dreaming, smiley for :roll:
for now..


Unexpurgated! As to your Silentum issue, firstly, I did download that board when I first read your issue, but dropping it onto two different servers and having it simply not work wasn't a good start.

Opening the php files in my text editor was bad2, use of the "short open tag" <? rather than proper <?php tags means I got no syntax highlighting, for a start (I have it set this way so that I NEVER use short open tags, because they are plain silly), which I could have fixed easily enough, even for every file, if it wasn't for the fact that they kept skipping in and out of php throughout the files, which is always infuriating, at best - they even have an .htaccess file in there, so why not at least add a php short_open_tags flag? Anyways..

That's as far as I got. But from what I remember, you have a function called basic_html(). Essentially, you include cbparser at the top of the script (probably inside function_list.php would be fine) , and then inside the .php files (run a find-in-files on your text editor) you replace every instance of the term basic_html(something) with bb2html(something). Then give it a whirl!

Or even easier than that, though a bit of a nasty hack; you could drop a cbparser call directly into the basic_html() function, here's the entire conversion..

// at the top of the document..
include ($_SERVER['DOCUMENT_ROOT'].'/site/path/to/cbparser.php');

// then inside the function..
function basic_html($text) {
// function's other code ignored (already returned)..

Instructions on how to include and use cbparser are covered in greater depth inside cbparser.php itself - if you need more, open it in a text editor and have a read. If you have any issues performing the conversion, get back here with specifics, and I'll see what I can do to help.

I note we now occupy this entire page of comments! smiley for :lol:

Have fun!


p.s. what's the exact code for these thumbs you are trying to post? (put it in [pre] tags) - If it's just a question of using UPPER CASE tags at the end of your post, forget posting code; there was a bug in the bbcode lowercasing function, that only affected tags at the end of your post - it's now fixed, and an updated cbparser release is available in the beta folder.

numstruck - 05.12.08 11:18 pm

Well, I gave up on using Silentium, (or even finding a flat-file forum).
I'm sure your parser would work, I'm just not good enough to hack it.

So, that actually makes the issue of thumbs moot too...
But, just as a test...

an image

Yeah, working fine now...(gotta love janice) smiley for :D

PS- If you use small tags IE: url img etc. the parser gives an "open tags" error tho.

Not a big deal to me because 99.9% of everyone uses the first set of code anyway.
Anyway, enough about that (except thank-you for the updated release) smiley for :)

About the "rest" of your post...
I agree with very little of it, you may consider scrolling or blinking text annoying,
others would call it useful. Some would consider any font bigger than 12 pixels annoying
but that would be no reason to drop them from web standards. The same could be said for
colored text, or pictures or flash or backgrounds or smilies for that matter.
But there is really no point debating it, as you pointed out, they have been dropped
and yet all modern browsers will renderer them anyway. Quirks mode isn't going away
anytime soon I suspect. (At least not as long as IE is still around) lmao

About the money, opinion is split.
For example, if you were selling cbparser, I wouldn't be here. I only seek out freeware.
Or, if it is a program I really want like winRAR, I just find a cracked version.
Am I hurting RARlabs? NO, because I wouldn't buy it even if a crack wasn't available.

The same can be said for any digital media, I may download an mp3 I like, but I still
wouldn't buy the song even if mp3's weren't easily available. And in my humble opinion
musicians, (and actors, and software developers, and CEO's), are obscenely overpaid.
No one, I repeat NO ONE, is worth $500,000 a week, for anything or any reason.
The fact that some people actually make that kind of money just proves to me how
distubingly unintelligent most of the human race really is.

On the other hand, I believe someone like you, creating useful tools that are above and
beyond what is available anywhere else, should be able to make a decent living doing it.
And you shouldn't have to rely on donations, but I can't think of an equitable solution
besides you going to work for a software company, or becoming webwide popular and then
start charging...which of course would lead right back to cracks and piracy.

But to be completely honest, my earlier drunken rant was mostly about ISP's trying to
change the laws so they can degrade service for everyone who doesn't pay a premium.
They want a tiered system of bandwidth, and in many places it is already happening...
it will be the end of the web as we know it, and I'm glad I'm old enough that I'll
probably die before it happens. Gawd knows the rest of the fuckin planet is too wimpy
to stand up and demand equal access for everyone.

Anyhoo, thanks again for all your help. I may yet need to hack the parser into ... well
into some sort of forum script somehow... just not sure what it might be yet.

(insert imaginary marquee tag here)
an image
(/) smiley for :)

numstruck - 05.12.08 11:33 pm

PSS. It won't let me edit my post either now, I was going to insert a line-break in the
code so it didn't break the page width, but the parser just keeps returning the preview?

cor - 06.12.08 3:37 pm

Hahah! That's ironic! You've been messing up the page formatting with every post, adding line-breaks when none are required (the column is formatted automatically), and the one place where you do need them (inside [pre] tags), you leave them out! smiley for :lol:   I'll fix that.

As for case, no lower case tags are preferable every time (if you use UPPERCASE tags, they are converted to lowercase, anyway), and will not give any errors. What DOES, or rather did give errors, is when cbparser detects the string "smilie", where it switches to legacy smiley mode (I used to misspell it, too, back when cbparser was born), and THAT is probably what messed up your ability to edit your post. I've now fixed this, so that cbparser looks for the specific string used inside legacy smiley tags, rather than just the word itself, which people obviously still use. Eventually, I'll remove all these hacks.

Back to your flat file forum. Did you read my last post? THAT is the ENTIRE conversion process! Two lines of code; one at the top (just below the <?php tags) and the other, inside the function. Copy and paste two lines. Done. I know you can do it!

On the subject of flat-file massage boards in general, there are actually quite a few of them out there - I Googled and downloaded netzbrett, eforum, puszbaza and navboard, all supporting flat-files, and mostly with their own bbcode, to boot. There are others. But if you want to stick with Silentum, two lines of code gets you cbparser bbcode.


p.s. I quite like scrolling and blinking text in moderation, in the right place, I even use (XHTML-valid) blinking text elsewhere on site. But I am aware that for many people, it's a real accessibility issue. It all depends what the page is supposed to do; distraction isn't always a bad thing.

numstruck - 06.12.08 11:24 pm

Lol, yeah, I know the column is formatted, it's just habit to break my own lines.
Comes from the days before word-wrap, and using notepad for messages before posting.

I decided to try SimpleMachinesForum, it needs mySQL but if the forum gets big it is
probably a better option than having a giant text file anyway.

I have been telling a few people about Simple-Comments, so you might get a noticeable
bump in traffic to that page. (no spam, people specifically looking for a comment-script)

Anyway, just a quick stop this time...on my way to one of those "intoxicated" nights.

Cheers and Regards

an imagean imagean image

Marcus - 21.04.09 4:45 pm

Hi Cor,

First if all let me say, awesome job with the script! smiley for ;)

Im having som problems implementing the script with my blog and I hope you could help me out. To be more specific the script screwes with the new line entrys.

My text are sent to the database without converting nl2br.
I do not want any br's with the text in the database.
First when I print the database content (the post) on the blog do I run it through nr2br and the text shows up as it should in the browser.
I commented out this line in the top of the bb2html function so the script wont insert any br's for me.

$bb2html = str_replace("\r",'<br />', $bb2html);

Now when I want to edit my post, and I run it through your html2bb to view the bb code instead of html all text gets mashed togeather.
It seems to ignore my new lines in the database.



Ensure you are using the correct form of linebreak (POST forms require "\r\n"). Also, if you are storing your text in a database, it makes sense to store it in bbcode format, and convert to HTML only for page output. ;o) Cor

Alexmos - 21.04.09 6:08 pm

how do i know if the site's admin have changed the tags?How do i find the changed tags

Ask the admin. ;o) Cor

andri - 20.02.10 10:43 am

wow... i like this script, where can i download?

Jason Drawmer - 11.11.10 12:14 pm

Brilliant script - the best bb code scripts I could find up until now were regular expression based and to be honest, not very in depth. This is great and very customisable!

Jason Drawmer - 27.04.11 11:01 am

I'm noticing with my installation of this bbcode parser, that each line space is doubled, so for each click of the return key, <br /><br /> is returned, which makes my line spaces look a bit silly! Any idea why that might be?

There's no reason why cbparser would do this. Maybe your browser is screwed. ;o) Cor

Posting is currently disabled while I switch servers.

Welcome to!

If something isn't working, I'm probably improving it, try again in a minute. If it's still not working, please mail me!