way tooooo complicated dont sanitize it and use h() for output (text, varchar)
that is way more handy than any other approach On 1 Nov., 06:44, Kyle Decot <kdec...@gmail.com> wrote: > Try echo $form->input("description",array("value"=>html_entity_decode(@ > $this->data["Model"]["description"]))); > > On Oct 31, 5:29 pm, "Dave" <make.cake.b...@gmail.com> wrote: > > > Can someone help me out with this fairly simple question. > > > I am doing: > > > $clean = new Sanitize(); > > $this->data = $clean->clean($this->data); > > > Now if a user enters quotes brackets or what not it gets converted to > > <script> which is fine for saving to the db I suppose. But when they > > go back to edit the entry the input is <script> how can i convert it > > back to what it was before? So it is readable. > > I want the data to be safe for the db but also be able to be editable by the > > end user. > > > I tried echo $form->input(html_entity_decode('description'));but still comes > > out all mangled > > > Thanks > > > Dave --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---