Reputation: 2848
I have used wmd-editor in my CakePHP v1.3 application.
The config which I have written is as follows:
wmd_options = {
output: "HTML",
lineLength: 40,
buttons: "bold italic | link blockquote code image | ol ul heading hr",
autostart: true
};
When I submit the form, the HTML in the wmd-enabled textarea is saved in the database with htmlentities() done to the text, then it is decoded with the html_entity_decode() method automatically.
But the text is displayed as it is, including the HTML coding, like this:
<p><strong>hello dear friends</strong></p>\n\n<pre><code>I want to make sure that everything that you type is visible clearly.\nadasfafas\n</code></pre>\n\n<blockquote>\n <p>sadgsagasdgxcbxcbxc</p>\n</blockquote>\n\n<p><em>sadfgsgasdsgasgs</em></p>\n\n<p><b><a href="http://kumu.in">this is the link</a></b></p>
Please help me solve this problem.
Thanks
Upvotes: 0
Views: 2888
Reputation: 7525
For sanitization against XSS, it's generally better to save raw HTML in the database without modification and sanitize at the time of output/display. Use the Sanitize core library.
Upvotes: 1
Reputation: 382746
Since you have set the option as output: "HTML", it is saved as HTML; however, you can use the strip_tags function to remove HTML tags from the text.
Upvotes: 0
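The two answers above, as an added example that is not part of the original thread: plain PHP with the DOM extension (no CakePHP), keeping the editor's HTML unmodified in storage and comparing escaping, strip_tags() and an allowlist filter at display time. The function name sanitize_wmd_html, the allowlist and the sample input are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. Sample input and allowlist are constructed.
$ALLOWED_TAGS  = array('p', 'strong', 'b', 'em', 'i', 'a', 'blockquote', 'pre', 'code',
                       'ol', 'ul', 'li', 'h1', 'h2', 'h3', 'hr', 'br', 'img');
$ALLOWED_ATTRS = array('a' => array('href'), 'img' => array('src', 'alt'));

function sanitize_wmd_html($html, array $tags, array $attrs) {
    $doc = new DOMDocument();
    // Wrap the fragment in a <div>; the XML prolog makes libxml read it as UTF-8.
    @$doc->loadHTML('<?xml encoding="UTF-8"><div>' . $html . '</div>');
    $root = $doc->getElementsByTagName('div')->item(0);
    // Copy the live node list first: nodes are removed while iterating.
    foreach (iterator_to_array($root->getElementsByTagName('*'), false) as $el) {
        $name = strtolower($el->nodeName);
        if (!in_array($name, $tags, true)) {
            // Not on the allowlist (script, iframe, ...): drop it with its content.
            if ($el->parentNode) { $el->parentNode->removeChild($el); }
            continue;
        }
        $keep = isset($attrs[$name]) ? $attrs[$name] : array();
        foreach (iterator_to_array($el->attributes, false) as $attr) {
            $isUrl  = in_array($attr->name, array('href', 'src'), true);
            $badUrl = $isUrl && !preg_match('#^https?://#i', trim($attr->value));
            if (!in_array($attr->name, $keep, true) || $badUrl) {
                $el->removeAttribute($attr->name);  // event handlers, style, non-http(s) URLs
            }
        }
    }
    $out = '';
    foreach ($root->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

// Constructed value, stored in the database exactly as the editor submitted it.
$raw = '<p><strong>hello dear friends</strong></p>'
     . '<p><a href="http://kumu.in" onclick="track()">this is the link</a></p>'
     . '<script>alert(1)</script>';
// Escaping at output is XSS-safe but shows the tags literally (the question's symptom).
echo htmlentities($raw, ENT_QUOTES, 'UTF-8'), "\n\n";
// strip_tags() removes the markup, so the editor's formatting is lost.
echo strip_tags($raw), "\n\n";
// With an allowed-tags argument, kept tags retain every attribute, including onclick.
echo strip_tags($raw, '<p><strong><a>'), "\n\n";
// Allowlist filter: formatting survives, unknown tags and attributes do not.
echo sanitize_wmd_html($raw, $ALLOWED_TAGS, $ALLOWED_ATTRS), "\n";
```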