nice approach... euromark.
On Nov 1, 9:23 am, "euromark (munich)" <dereurom...@googlemail.com>
wrote:
> way tooooo complicated
>
> dont sanitize it
> and use h() for output (text, varchar)
>
> that is way more handy than any other approach
>
> On 1 Nov., 06:44, Kyle Decot <kdec...@gmail.com> wrote:
>
> > Try echo $form->input("description",array("value"=>html_entity_decode(@
> > $this->data["Model"]["description"])));
>
> > On Oct 31, 5:29 pm, "Dave" <make.cake.b...@gmail.com> wrote:
>
> > > Can someone help me out with this fairly simple question.
>
> > > I am doing:
>
> > > $clean = new Sanitize();
> > > $this->data = $clean->clean($this->data);
>
> > > Now if a user enters quotes brackets or what not it gets converted to
> > > <script> which is fine for saving to the db I suppose. But when they
> > > go back to edit the entry the input is <script> how can i convert it
> > > back to what it was before? So it is readable.
> > > I want the data to be safe for the db but also be able to be editable by
> > > the
> > > end user.
>
> > > I tried echo $form->input(html_entity_decode('description'));but still
> > > comes
> > > out all mangled
>
> > > Thanks
>
> > > Dave
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
