# |
May 27th 2016, 16:03 |
ionas |
;) |
# |
May 27th 2016, 16:03 |
ionas |
nemmon better yet, install parsedown and let them use markdown |
# |
May 27th 2016, 16:03 |
ionas |
and h() |
# |
May 27th 2016, 16:03 |
ionas |
nemmons: HtmlPurifier (google for HTML5 + HTML Purifier), DomDocument, Tidy |
# |
May 27th 2016, 16:03 |
max-86666 |
sure, i can do it in raw sql, but i'd like to keep the magic from cake |
# |
May 27th 2016, 16:02 |
max-86666 |
i guess FIND_IN_SET() |
# |
May 27th 2016, 16:02 |
nemmons |
if you can't do it in SQL, then the ORM can't do it either |
# |
May 27th 2016, 16:02 |
ionas |
~awesome |
# |
May 27th 2016, 16:01 |
nemmons |
what he's asking you is, how would you write a SQL query to do what you want the CakeORM to do |
# |
May 27th 2016, 16:01 |
max-86666 |
i'm quite stunned markstory is answering me, even if u can't help me :) |
# |
May 27th 2016, 15:59 |
max-86666 |
i would like to use the Cake ORM to make my queries from controller, actually i use $critere = $this->Criteres->get($id, ['contain' => ['Users'] ]); |
# |
May 27th 2016, 15:58 |
markstory |
What does a SQL query look like with these comma separated columns? |
# |
May 27th 2016, 15:57 |
max-86666 |
in the initialize method of my table |
# |
May 27th 2016, 15:56 |
markstory |
how do you write SQL to do your joins? |
# |
May 27th 2016, 15:56 |
markstory |
You can't |
# |
May 27th 2016, 15:55 |
max-86666 |
hellos everybedos, any clue on how i can link tables when foreign keys are stored in a comma separated string ? (i can't change the DB design) |
# |
May 27th 2016, 15:49 |
VzlaCaker |
@nemmons @ypnos thanks for your recommendations |
# |
May 27th 2016, 15:46 |
ypnos |
you can also use htmlpurifier, see https://github.com/chrisShick/CakePHP3-HtmlPurifier |
# |
May 27th 2016, 15:42 |
nemmons |
a low-tech solution might be to use http://php.net/manual/en/function.strip-tags.php to strip out all html tags except the ones you specifically want to allow |
# |
May 27th 2016, 15:41 |
nemmons |
@VzlaCaker sorry, i don't have any experience in letting users format text. |
# |
May 27th 2016, 15:37 |
markstory |
d0rxy: https://github.com/cakephp/debug_kit/pull/421 |
# |
May 27th 2016, 15:36 |
markstory |
that requires more sophisticated users though |
# |
May 27th 2016, 15:36 |
markstory |
markdown |
# |
May 27th 2016, 15:33 |
VzlaCaker |
I don't know how wordpress does it, I assume that it inserts html into the model as well. |
# |
May 27th 2016, 15:31 |
VzlaCaker |
I mean, to avoid inserting html into the model directly |
# |
May 27th 2016, 15:30 |
nemmons |
Do you have any recommendation for outputting html formatted text into the view other than using a wysiwyg editor for a client? Like a CMS. |
# |
May 27th 2016, 15:12 |
Neon1024x |
Hello |
# |
May 27th 2016, 14:51 |
nemmons |
hello |
# |
May 27th 2016, 14:46 |
elboletaire |
hello |
# |
May 27th 2016, 14:37 |
carlose119 |
hello |
# |
May 27th 2016, 14:18 |
nemmons |
the safest way to do it would be to not put html in your database fields. then you can escape your database fields with h() |
# |
May 27th 2016, 14:07 |
VzlaCaker |
is working now, but is this the safest way to do this? |
# |
May 27th 2016, 14:07 |
Neon1024x |
Or hope that my name isn't "<script>alert('Ball bags')</script>" |
# |
May 27th 2016, 14:06 |
VzlaCaker |
It doesn't have javascript |
# |
May 27th 2016, 14:06 |
Neon1024x |
Remove the call to h() and hope that your html doesn't have javascript in it |
# |
May 27th 2016, 14:06 |
slackebot |
Action: admad sighs |
# |
May 27th 2016, 14:05 |
VzlaCaker |
What can I use to decode it? |
# |
May 27th 2016, 14:02 |
admad |
*is |
# |
May 27th 2016, 14:02 |
admad |
the whole point of `h()` method if to encode html entities |
# |
May 27th 2016, 14:01 |
VzlaCaker |
<?= h($blog->description) ?> Is not working to echo html code =( the p tag gets translated like: &lt;p&gt; and in the view a plain <p> tag |
# |
May 27th 2016, 13:52 |
admad |
arnis: almost none with opcode caching enabled, and even without it negligible |