Re: HTML ENTITIES

2011-08-31 Thread Miles J 
Then just strip_tags() before each insert.

Database size is irrelevant IMO.

On Aug 27, 11:42 pm, Prabha vathi  wrote:
> I am never going to use html. Then why should i increase database size?
>
>
>
>
>
>
>
>
>
> On Sun, Aug 28, 2011 at 10:09 AM, Miles J  wrote:
> > So whats your reasoning for not wanting HTML in the database?
>
> > Not like it can really break anything.
>
> > On Aug 27, 2:31 pm, Ryan Schmidt  wrote:
> > > On Aug 27, 2011, at 03:46, Prabha vathi wrote:
>
> > > > echo $html->link(
> > > >                 Sanitize::html($post_array['content'], array('remove'
> > => true)),
> > > >                 array(
> > > >                     'controller' => 'posts',
> > > >                     'action' => 'view',
> > > >                     'id' => $post_array['id'],
> > > >                     'quotes' =>
> > $this->Link->makeSeoUrl(Sanitize::html($post_array['content'],
> > array('remove' => true)))
> > > >                 ),
> > > >                 array('title' =>
> > substr(Sanitize::html($post_array['content'], array('remove' =>
> > true)),0,20)." ... Quotes of the day", 'class' => 'agrizlink')
> > > >             );
>
> > > > Now db has text like this - you're - but it is displayed like this -
> > you're in view.
> > > > But if there is no link, then it is working correctly. What is the
> > problem?
>
> > > Sanitize::html is escaping it once. Then $html->link is escaping it a
> > second time.
>
> > > Tell $html->link not to escape it that second time by passing false in
> > the $escapeTitle parameter.
>
> > >http://book.cakephp.org/view/1363/link
>
> > > Note, by the way, that "$html" is old CakePHP 1.2 syntax. For CakePHP
> > 1.3, you want to use "$this->Html" instead.
>
> > --
> > Our newest site for the community: CakePHP Video Tutorials
> >http://tv.cakephp.org
> > Check out the new CakePHP Questions sitehttp://ask.cakephp.organd help
> > others with their CakePHP related questions.
>
> > To unsubscribe from this group, send email to
> > cake-php+unsubscr...@googlegroups.com For more options, visit this group
> > athttp://groups.google.com/group/cake-php
>
> --
> --
> Prabhavathihttp://www.indiapublicforum.com

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-27 Thread Prabha vathi 
I am never going to use html. Then why should i increase database size?

On Sun, Aug 28, 2011 at 10:09 AM, Miles J  wrote:

> So whats your reasoning for not wanting HTML in the database?
>
> Not like it can really break anything.
>
> On Aug 27, 2:31 pm, Ryan Schmidt  wrote:
> > On Aug 27, 2011, at 03:46, Prabha vathi wrote:
> >
> > > echo $html->link(
> > > Sanitize::html($post_array['content'], array('remove'
> => true)),
> > > array(
> > > 'controller' => 'posts',
> > > 'action' => 'view',
> > > 'id' => $post_array['id'],
> > > 'quotes' =>
> $this->Link->makeSeoUrl(Sanitize::html($post_array['content'],
> array('remove' => true)))
> > > ),
> > > array('title' =>
> substr(Sanitize::html($post_array['content'], array('remove' =>
> true)),0,20)." ... Quotes of the day", 'class' => 'agrizlink')
> > > );
> >
> > > Now db has text like this - you're - but it is displayed like this -
> you're in view.
> > > But if there is no link, then it is working correctly. What is the
> problem?
> >
> > Sanitize::html is escaping it once. Then $html->link is escaping it a
> second time.
> >
> > Tell $html->link not to escape it that second time by passing false in
> the $escapeTitle parameter.
> >
> > http://book.cakephp.org/view/1363/link
> >
> > Note, by the way, that "$html" is old CakePHP 1.2 syntax. For CakePHP
> 1.3, you want to use "$this->Html" instead.
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> cake-php+unsubscr...@googlegroups.com For more options, visit this group
> at http://groups.google.com/group/cake-php
>



-- 
-- 
Prabhavathi
http://www.indiapublicforum.com

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-27 Thread Miles J 
So whats your reasoning for not wanting HTML in the database?

Not like it can really break anything.

On Aug 27, 2:31 pm, Ryan Schmidt  wrote:
> On Aug 27, 2011, at 03:46, Prabha vathi wrote:
>
> > echo $html->link(
> >                 Sanitize::html($post_array['content'], array('remove' => 
> > true)),
> >                 array(
> >                     'controller' => 'posts',
> >                     'action' => 'view',
> >                     'id' => $post_array['id'],
> >                     'quotes' => 
> > $this->Link->makeSeoUrl(Sanitize::html($post_array['content'], 
> > array('remove' => true)))
> >                 ),
> >                 array('title' => 
> > substr(Sanitize::html($post_array['content'], array('remove' => 
> > true)),0,20)." ... Quotes of the day", 'class' => 'agrizlink')
> >             );
>
> > Now db has text like this - you're - but it is displayed like this - 
> > you're in view.
> > But if there is no link, then it is working correctly. What is the problem?
>
> Sanitize::html is escaping it once. Then $html->link is escaping it a second 
> time.
>
> Tell $html->link not to escape it that second time by passing false in the 
> $escapeTitle parameter.
>
> http://book.cakephp.org/view/1363/link
>
> Note, by the way, that "$html" is old CakePHP 1.2 syntax. For CakePHP 1.3, 
> you want to use "$this->Html" instead.

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-27 Thread Ryan Schmidt 

On Aug 27, 2011, at 03:46, Prabha vathi wrote:

> echo $html->link(
> Sanitize::html($post_array['content'], array('remove' => 
> true)), 
> array(
> 'controller' => 'posts',
> 'action' => 'view',
> 'id' => $post_array['id'],
> 'quotes' => 
> $this->Link->makeSeoUrl(Sanitize::html($post_array['content'], array('remove' 
> => true)))
> ),
> array('title' => 
> substr(Sanitize::html($post_array['content'], array('remove' => 
> true)),0,20)." ... Quotes of the day", 'class' => 'agrizlink')
> );
> 
> Now db has text like this - you're - but it is displayed like this - 
> you're in view. 
> But if there is no link, then it is working correctly. What is the problem?

Sanitize::html is escaping it once. Then $html->link is escaping it a second 
time.

Tell $html->link not to escape it that second time by passing false in the 
$escapeTitle parameter.

http://book.cakephp.org/view/1363/link

Note, by the way, that "$html" is old CakePHP 1.2 syntax. For CakePHP 1.3, you 
want to use "$this->Html" instead.


-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-27 Thread Ryan Schmidt 

On Aug 27, 2011, at 02:22, Prabha vathi wrote:

> What does h means?

http://book.cakephp.org/view/1132/h



-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-27 Thread Prabha vathi 
echo $html->link(
Sanitize::html($post_array['content'], array('remove' => 
true)), 
array(
'controller' => 'posts',
'action' => 'view',
'id' => $post_array['id'],
'quotes' => 
$this->Link->makeSeoUrl(Sanitize::html($post_array['content'], 
array('remove' => true)))
),
array('title' => 
substr(Sanitize::html($post_array['content'], array('remove' => 
true)),0,20)." ... Quotes of the day", 'class' => 'agrizlink')
);

Now db has text like this - you're - but it is displayed like this - 
you're in view. 
But if there is no link, then it is working correctly. What is the problem?

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-27 Thread Prabha vathi 
What does h means?

I am going to remove stripslashes and addslashes - Now what is the best to 
do in .tpl and elements page?
I prefer not to save html tags in db.

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-26 Thread Miles J 
If you want to remove HTML, use strip_tags. Regardless, you should
just store the HTML version in the database and escape it on the front-
end so it cant be rendered. The only thing you need to do is SQL
injection protection, which cake does automatically.

On Aug 26, 2:47 pm, Ryan Schmidt  wrote:
> On Aug 26, 2011, at 15:39, Prabha vathi wrote:
>
> > It seems i read some wrong tutorial. :(
> > I have added few hundred of data in database. Is there anyway to fix it?
>
> Sure, but it's outside the scope of what CakePHP does. I'd dump the data to a 
> text file, search for all occurrences of the regular expression &[^;]+; and 
> then fix those database entries by hand. If there are many, I might write a 
> one-time script or set of UPDATE statements to fix things. Of course I'd 
> first fix the code and deploy it, so that no new bad entries get into the 
> database.
>
> > When i send the data to database, how do i strip the html tags? Should i 
> > use strip_tags?
>
> I'm not certain what the recommended way to do that in CakePHP is.

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-26 Thread euromark 
depends on the situation

but in 99% of all cases:
dont sanitize, dont strip tags, dont do anything on save
simple use h() to remove html tags in the view where you output the
database content

echo h($user['User']['username']); etc


On 26 Aug., 23:47, Ryan Schmidt  wrote:
> On Aug 26, 2011, at 15:39, Prabha vathi wrote:
>
> > It seems i read some wrong tutorial. :(
> > I have added few hundred of data in database. Is there anyway to fix it?
>
> Sure, but it's outside the scope of what CakePHP does. I'd dump the data to a 
> text file, search for all occurrences of the regular expression &[^;]+; and 
> then fix those database entries by hand. If there are many, I might write a 
> one-time script or set of UPDATE statements to fix things. Of course I'd 
> first fix the code and deploy it, so that no new bad entries get into the 
> database.
>
> > When i send the data to database, how do i strip the html tags? Should i 
> > use strip_tags?
>
> I'm not certain what the recommended way to do that in CakePHP is.

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-26 Thread Ryan Schmidt 

On Aug 26, 2011, at 15:39, Prabha vathi wrote:

> It seems i read some wrong tutorial. :(
> I have added few hundred of data in database. Is there anyway to fix it?

Sure, but it's outside the scope of what CakePHP does. I'd dump the data to a 
text file, search for all occurrences of the regular expression &[^;]+; and 
then fix those database entries by hand. If there are many, I might write a 
one-time script or set of UPDATE statements to fix things. Of course I'd first 
fix the code and deploy it, so that no new bad entries get into the database.


> When i send the data to database, how do i strip the html tags? Should i use 
> strip_tags?

I'm not certain what the recommended way to do that in CakePHP is.

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-26 Thread Prabha vathi 
It seems i read some wrong tutorial. :(
I have added few hundred of data in database. Is there anyway to fix it?

When i send the data to database, how do i strip the html tags? Should i use
strip_tags?

On Sat, Aug 27, 2011 at 2:05 AM, Ryan Schmidt wrote:

>
> On Aug 26, 2011, at 15:26, Prabha vathi wrote:
>
> > $author_fields[Aut']['name'] =
> addslashes(Sanitize::html($this->data['Post']['name'],array('remove' =>
> true)));
> >
> > This is the insert line.
>
> Sanitize::html is for when you're outputting something to the page. It's
> not for use when storing in the database, and yes, I suspect that's the
> function that's converting your text to html entities.
>
> Your use of addslashes is unrelated to the problem you're reporting but
> most likely also incorrect. CakePHP knows how to encode data properly to
> talk to the database, and doesn't need you to add slashes for it.
>
>
>
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> cake-php+unsubscr...@googlegroups.com For more options, visit this group
> at http://groups.google.com/group/cake-php
>



-- 
-- 
Prabhavathi
http://www.indiapublicforum.com

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-26 Thread Ryan Schmidt 

On Aug 26, 2011, at 15:26, Prabha vathi wrote:

> $author_fields[Aut']['name'] = 
> addslashes(Sanitize::html($this->data['Post']['name'],array('remove' => 
> true)));
> 
> This is the insert line.

Sanitize::html is for when you're outputting something to the page. It's not 
for use when storing in the database, and yes, I suspect that's the function 
that's converting your text to html entities.

Your use of addslashes is unrelated to the problem you're reporting but most 
likely also incorrect. CakePHP knows how to encode data properly to talk to the 
database, and doesn't need you to add slashes for it.




-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-26 Thread Prabha vathi 
$author_fields[Aut']['name'] =
addslashes(Sanitize::html($this->data['Post']['name'],array('remove' =>
true)));

This is the insert line.

On Sat, Aug 27, 2011 at 1:53 AM, Ryan Schmidt wrote:

>
> On Aug 26, 2011, at 14:03, Prabha vathi wrote:
>
> >
> http://www.quotesoftheday.co.in/famous-quotes/360/true-love-always-makes-a-man-better-no-matter-what-woman-inspires-it
> > You can find it here. Please check the author name. Why it is displaying
> like that?
> > If you are not able to load the link, This is the problem
> >
> > Instead of displaying the proper text, it is displaying the entity of
> that text in link
> >
> > link(
> > $author['name'], array(
> > 'controller' => 'auts',
> > 'action' => 'authors',
> > 'name' => $author['name']
> > ),
> > array('title' => $author['name'])
> > );
> > ?>
> > When i try to add escape => false i lose the link and it displays the
> correct name
>
> Sounds like something before this code is already escaping it. Perhaps it's
> even already escaped in the database (and it shouldn't be).
>
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> cake-php+unsubscr...@googlegroups.com For more options, visit this group
> at http://groups.google.com/group/cake-php
>



-- 
-- 
Prabhavathi
http://www.indiapublicforum.com

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: HTML ENTITIES

2011-08-26 Thread Ryan Schmidt 

On Aug 26, 2011, at 14:03, Prabha vathi wrote:

> http://www.quotesoftheday.co.in/famous-quotes/360/true-love-always-makes-a-man-better-no-matter-what-woman-inspires-it
> You can find it here. Please check the author name. Why it is displaying like 
> that?
> If you are not able to load the link, This is the problem
> 
> Instead of displaying the proper text, it is displaying the entity of that 
> text in link
> 
> link(
> $author['name'], array(
> 'controller' => 'auts',
> 'action' => 'authors',
> 'name' => $author['name']
> ),
> array('title' => $author['name'])
> );
> ?>
> When i try to add escape => false i lose the link and it displays the correct 
> name

Sounds like something before this code is already escaping it. Perhaps it's 
even already escaped in the database (and it shouldn't be).


-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php

Re: html entities

2010-02-17 Thread Waterschaats 
Yes Thanks!

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: html entities

2010-02-17 Thread Sam Sherlock 
you need to add the option to escape the link and set to false so special
chars within the link are NOT escaped

http://dlmax.org/2007/04/02/cakephp-12-html-link-with-html-or-image/

$html->link($title
. $html->tag("span", null, array('class' =>
'test')), $url, array('escape' => false));
- S




On 17 February 2010 11:29, Waterschaats  wrote:

> I want a link with a span inside. like this:  href=''>linktext
>
> When I use this the span tags are converted to html entities( class="text">)
> $html->link($title . $html->tag("span", null, array('class' =>
> 'test')), $url);
>
> Check out the new CakePHP Questions site http://cakeqs.org and help others
> with their CakePHP related questions.
>
> You received this message because you are subscribed to the Google Groups
> "CakePHP" group.
> To post to this group, send email to cake-php@googlegroups.com
> To unsubscribe from this group, send email to
> cake-php+unsubscr...@googlegroups.comFor
>  more options, visit this group at
> http://groups.google.com/group/cake-php?hl=en
>

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Html entities

2009-12-02 Thread Ernesto 
i solved the problem.

the culprit was the Sanitize class

On 2 Dic, 11:49, euromark  wrote:
> if you used utf8 correctly, it would not do that...
>
> On 2 Dez., 08:55, Ernesto  wrote:
>
>
>
> > Hello.
>
> > i have a controller, a model and the usual add/remove/edit views
>
> > in the add view i have a simple form. here's the code
>
> > echo $form->input("Items.0.code");
> > echo $form->input("Items.0.description");
> > echo $form->input("Items.1.code");
> > echo $form->input("Items.1.description");
> > echo $form->input("Items.2.code");
> > echo $form->input("Items.2.description");
>
> > the description fields has good probability to contain a math symbol
> > or a comparison operator.
>
> > when i save my form Cake converts those symbols in html entities.
>
> > is there a way to avoid this?

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Html entities

2009-12-02 Thread euromark 
if you used utf8 correctly, it would not do that...


On 2 Dez., 08:55, Ernesto  wrote:
> Hello.
>
> i have a controller, a model and the usual add/remove/edit views
>
> in the add view i have a simple form. here's the code
>
> echo $form->input("Items.0.code");
> echo $form->input("Items.0.description");
> echo $form->input("Items.1.code");
> echo $form->input("Items.1.description");
> echo $form->input("Items.2.code");
> echo $form->input("Items.2.description");
>
> the description fields has good probability to contain a math symbol
> or a comparison operator.
>
> when i save my form Cake converts those symbols in html entities.
>
> is there a way to avoid this?

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en