# |
May 27th 2016, 15:42 |
nemmons |
a low-tech solution might be to use http://php.net/manual/en/function.strip-tags.php to strip out all html tags except the ones you specifically want to allow |
# |
May 27th 2016, 15:41 |
nemmons |
@VzlaCaker sorry, i don't have any experience in letting users format text. |
# |
May 27th 2016, 15:37 |
markstory |
d0rxy: https://github.com/cakephp/debug_kit/pull/421 |
# |
May 27th 2016, 15:36 |
markstory |
that requires more sophisticated users though |
# |
May 27th 2016, 15:36 |
markstory |
markdown |
# |
May 27th 2016, 15:33 |
VzlaCaker |
I don't know how wordpress does it, I assume that it inserts html into the model as well. |
# |
May 27th 2016, 15:31 |
VzlaCaker |
I mean, to avoid inserting html into the model directly |
# |
May 27th 2016, 15:30 |
nemmons |
Do you have any recommendation for outputting html formatted text into the view other than using a wysiwyg editor for a client? Like a CMS. |
# |
May 27th 2016, 15:12 |
Neon1024x |
Hello |
# |
May 27th 2016, 14:51 |
nemmons |
hello |
# |
May 27th 2016, 14:46 |
elboletaire |
hello |
# |
May 27th 2016, 14:37 |
carlose119 |
hello |
# |
May 27th 2016, 14:18 |
nemmons |
the safest way to do it would be to not put html in your database fields. then you can escape your database fields with h() |
# |
May 27th 2016, 14:07 |
VzlaCaker |
is working now, but is this the safest way to do this? |
# |
May 27th 2016, 14:07 |
Neon1024x |
Or hope that my name isn't "<script>alert('Ball bags')</script>" |
# |
May 27th 2016, 14:06 |
VzlaCaker |
It doesn't have javascript |
# |
May 27th 2016, 14:06 |
Neon1024x |
Remove the call to h() and hope that your html doesn't have javascript in it |
# |
May 27th 2016, 14:06 |
slackebot |
Action: admad sighs |
# |
May 27th 2016, 14:05 |
VzlaCaker |
What can I use to decode it? |
# |
May 27th 2016, 14:02 |
admad |
*is |
# |
May 27th 2016, 14:02 |
admad |
the whole point of `h()` method if to encode html entities |
# |
May 27th 2016, 14:01 |
VzlaCaker |
<?= h($blog->description) ?> Is not working to echo html code =( the p tag gets translated like: &lt;p&gt; and in the view a plain <p> tag |
# |
May 27th 2016, 13:52 |
admad |
arnis: almost none with opcode caching enabled, and even without it negligible |
# |
May 27th 2016, 13:51 |
arnis |
hi. I was wondering if simply loading plugins do slow down things before I actually start using them? |
# |
May 27th 2016, 13:48 |
slackebot |
~tell aro about slack |
# |
May 27th 2016, 13:48 |
slackebot |
Command sent from Slack by admad: |
# |
May 27th 2016, 13:47 |
admad |
rossc: that would practically be a rewrite |
# |
May 27th 2016, 13:46 |
Neon1024x |
So you probably don't want to wrap it with that |
# |
May 27th 2016, 13:46 |
Neon1024x |
Using h() will escape your html |
# |
May 27th 2016, 13:42 |
VzlaCaker |
not being converted. How do I echo html info from the model? |
# |
May 27th 2016, 13:42 |
VzlaCaker |
Hello. I have Cake 3.2.8. I am using CKeditor to save html formatted text in the model. I want to retrieve that info, but it's not converting the html tags. In Cake 2.x I used echo html_entity_decode($variable['Model']['field']); to output that information just fine, but I get blank info in return this time. I've tried <?= $this->Text->autoParagraph(h($variable->field)); ?> in cake 3.2.8 but the html tags are |
# |
May 27th 2016, 13:41 |
Neon1024x |
aro, http://cakesf.herokuapp.com/ |
# |
May 27th 2016, 13:40 |
aro |
how do u get on slackbot |
# |
May 27th 2016, 13:29 |
d0rxy |
yeah if I remove the line in beforeRender '->className('DebugKit.Ajax');' it all works :P |
# |
May 27th 2016, 13:28 |
markstory |
I can fix debugkit today |
# |
May 27th 2016, 13:28 |
markstory |
neato |
# |
May 27th 2016, 13:28 |
rossc |
Anyone migrated 1.3 -> 3.0 |
# |
May 27th 2016, 13:27 |
d0rxy |
the RequestHandler is correct in turning the responsetype into json, but then the AjaxView turns it into text/html and it has issues with rendering |
# |
May 27th 2016, 13:26 |
d0rxy |
@markstory I think it might have to do with the AjaxView of DebugKit itself... |
# |
May 27th 2016, 13:13 |
icyrizard |
Ah ok thanks for the info, I'll do that :) |
# |
May 27th 2016, 13:08 |
d0rxy |
ah, ok I'll check out the request handler! :) |