Re: Sanitize & html helper double converting htmlentities
This seems to be a real problem with me as well.

I sanitize my array:

$mrClean = new Sanitize();
$mrClean->cleanArray($this->data);

It saves the phrase --> i'm here as i'm here into my database which is fine. But then when I use my helper to show a form->input() it returns: i'm here (that is the value printed through my web browser, not in the source code).

"escape"=>false doesn't work for me either - anyway, just my 2 cents

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---

Re: Sanitize & html helper double converting htmlentities
glad to hear you're closer to the answer, keep us updated :-)

On 6/26/07, mac joost <[EMAIL PROTECTED]> wrote:
> Hi Jonathan,
>
> Thanks for the replies and getting me in a direction.
>
> Setting the "value" key in $html->input() doesn't work. The
> htmlentities conversion, using the Cake h() function, is done way
> further on ($html->input() calls _parseAttributes(), which calls
> __formatAttribute()). What I did find there is the "escape" key!
>
> Setting "escape"=>false in the attribute array of $html->input() does
> the trick!
>
> The only problem left is that a "\" will get double-escaped (Sanitize
> will escape it, after which the DBO also escapes it).
>
> On Jun 26, 5:13 pm, "Jonathan Langevin" <[EMAIL PROTECTED]> wrote:
> > BTW, to further explain, when tagValue is called, that is when
> > htmlentities is executed. FYI :-)
> >
> > On 6/26/07, Jonathan Langevin <[EMAIL PROTECTED]> wrote:
> > > ~line 406 of html.php (html helper, cake 1.1)
> > >
> > > if (!isset($htmlAttributes['value'])) {
> > >     $htmlAttributes['value'] = $this->tagValue($fieldName);
> > > }
> > >
> > > looks like if you do the following, you'll avoid the htmlentities:
> > > echo $html->input($modelName."/".$key, array("class"=>"text","value"=>"HTML HERE"), true);
> > >
> > > On 6/26/07, mac joost <[EMAIL PROTECTED]> wrote:
> > > > Thanks for the reply.
> > > >
> > > > I'm mainly using Cake 1.1. I need to change my templates to use Cake
> > > > 1.2 and will maybe do this later this week.
> > > >
> > > > As for the code, it's quite straightforward:
> > > > I have a classifieds_controller which adds a classified ad to the
> > > > database:
> > > > /* part of function save() */
> > > > if(isset($this->params['data'])) {
> > > >     if($this->Classified->validates($this->params['data'])) {
> > > >         uses('sanitize');
> > > >         $Sanitize = & new Sanitize();
> > > >         $Sanitize->cleanArray($this->data['Classified']);
> > > >         $this->Classified->save($this->data);
> > > >     }
> > > > }
> > > >
> > > > For my form (I use my manager plugin) the code is just:
> > > > echo $html->input($modelName."/".$key, array("class"=>"text"), true);

Re: Sanitize & html helper double converting htmlentities
Hi Jonathan,

Thanks for the replies and getting me in a direction.

Setting the "value" key in $html->input() doesn't work. The htmlentities conversion, using the Cake h() function, is done way further on ($html->input() calls _parseAttributes(), which calls __formatAttribute()). What I did find there is the "escape" key!

Setting "escape"=>false in the attribute array of $html->input() does the trick!

The only problem left is that a "\" will get double-escaped (Sanitize will escape it, after which the DBO also escapes it).

On Jun 26, 5:13 pm, "Jonathan Langevin" <[EMAIL PROTECTED]> wrote:
> BTW, to further explain, when tagValue is called, that is when htmlentities
> is executed. FYI :-)
>
> On 6/26/07, Jonathan Langevin <[EMAIL PROTECTED]> wrote:
> > ~line 406 of html.php (html helper, cake 1.1)
> >
> > if (!isset($htmlAttributes['value'])) {
> >     $htmlAttributes['value'] = $this->tagValue($fieldName);
> > }
> >
> > looks like if you do the following, you'll avoid the htmlentities:
> > echo $html->input($modelName."/".$key, array("class"=>"text","value"=>"HTML HERE"), true);
> >
> > On 6/26/07, mac joost <[EMAIL PROTECTED]> wrote:
> > > Thanks for the reply.
> > >
> > > I'm mainly using Cake 1.1. I need to change my templates to use Cake
> > > 1.2 and will maybe do this later this week.
> > >
> > > As for the code, it's quite straightforward:
> > > I have a classifieds_controller which adds a classified ad to the
> > > database:
> > > /* part of function save() */
> > > if(isset($this->params['data'])) {
> > >     if($this->Classified->validates($this->params['data'])) {
> > >         uses('sanitize');
> > >         $Sanitize = & new Sanitize();
> > >         $Sanitize->cleanArray($this->data['Classified']);
> > >         $this->Classified->save($this->data);
> > >     }
> > > }
> > >
> > > For my form (I use my manager plugin) the code is just:
> > > echo $html->input($modelName."/".$key, array("class"=>"text"), true);

Re: Sanitize & html helper double converting htmlentities
BTW, to further explain, when tagValue is called, that is when htmlentities is executed. FYI :-)

On 6/26/07, Jonathan Langevin <[EMAIL PROTECTED]> wrote:
> ~line 406 of html.php (html helper, cake 1.1)
>
> if (!isset($htmlAttributes['value'])) {
>     $htmlAttributes['value'] = $this->tagValue($fieldName);
> }
>
> looks like if you do the following, you'll avoid the htmlentities:
> echo $html->input($modelName."/".$key, array("class"=>"text","value"=>"HTML HERE"), true);
>
> On 6/26/07, mac joost <[EMAIL PROTECTED]> wrote:
> > Thanks for the reply.
> >
> > I'm mainly using Cake 1.1. I need to change my templates to use Cake
> > 1.2 and will maybe do this later this week.
> >
> > As for the code, it's quite straightforward:
> > I have a classifieds_controller which adds a classified ad to the
> > database:
> > /* part of function save() */
> > if(isset($this->params['data'])) {
> >     if($this->Classified->validates($this->params['data'])) {
> >         uses('sanitize');
> >         $Sanitize = & new Sanitize();
> >         $Sanitize->cleanArray($this->data['Classified']);
> >         $this->Classified->save($this->data);
> >     }
> > }
> >
> > For my form (I use my manager plugin) the code is just:
> > echo $html->input($modelName."/".$key, array("class"=>"text"), true);

Re: Sanitize & html helper double converting htmlentities
~line 406 of html.php (html helper, cake 1.1)

if (!isset($htmlAttributes['value'])) {
    $htmlAttributes['value'] = $this->tagValue($fieldName);
}

looks like if you do the following, you'll avoid the htmlentities:
echo $html->input($modelName."/".$key, array("class"=>"text","value"=>"HTML HERE"), true);

On 6/26/07, mac joost <[EMAIL PROTECTED]> wrote:
> Thanks for the reply.
>
> I'm mainly using Cake 1.1. I need to change my templates to use Cake
> 1.2 and will maybe do this later this week.
>
> As for the code, it's quite straightforward:
> I have a classifieds_controller which adds a classified ad to the
> database:
> /* part of function save() */
> if(isset($this->params['data'])) {
>     if($this->Classified->validates($this->params['data'])) {
>         uses('sanitize');
>         $Sanitize = & new Sanitize();
>         $Sanitize->cleanArray($this->data['Classified']);
>         $this->Classified->save($this->data);
>     }
> }
>
> For my form (I use my manager plugin) the code is just:
> echo $html->input($modelName."/".$key, array("class"=>"text"), true);

Re: Sanitize & html helper double converting htmlentities
Thanks for the reply.

I'm mainly using Cake 1.1. I need to change my templates to use Cake 1.2 and will maybe do this later this week.

As for the code, it's quite straightforward:
I have a classifieds_controller which adds a classified ad to the database:

/* part of function save() */
if(isset($this->params['data'])) {
    if($this->Classified->validates($this->params['data'])) {
        uses('sanitize');
        $Sanitize = & new Sanitize();
        $Sanitize->cleanArray($this->data['Classified']);
        $this->Classified->save($this->data);
    }
}

For my form (I use my manager plugin) the code is just:

echo $html->input($modelName."/".$key, array("class"=>"text"), true);

Re: Sanitize & html helper double converting htmlentities
Can you give us snippets of your code, so we can see how you're using sanitize and html helper?

Are you using Cake 1.2?

BTW, sanitize doesn't use htmlentities, it uses a specific REGEX match, appears it functions similar to htmlentities (just fyi :-) )

On 6/26/07, mac joost <[EMAIL PROTECTED]> wrote:
> Hi,
>
> When I use Sanitize to clean user-input and then create a form using
> the html helper, 'special characters' like '&' get double converted:
> - Sanitize converts '&' into '&amp;', which is then stored in the
>   database.
> - html helper functions convert '&amp;' into '&amp;amp;'.
>
> I would like to use both these functionalities of CakePHP, but this
> doesn't work for me. Any suggestions?
>
> Thanks!
>
> -- joost
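
The double conversion discussed in this thread, reproduced as an added example (not code from any of the posts or from CakePHP itself). It assumes htmlspecialchars() as a stand-in for both Sanitize's entity conversion and the helper's h() call; sanitize_on_input() and render_input() are hypothetical names, and the sample values are constructed. It contrasts encoding before save with storing raw text and escaping once at output.

```php
<?php
// Added illustration, not CakePHP source. Assumption: htmlspecialchars()
// models both Sanitize's entity conversion and the helper's h() escaping.

// Hypothetical model of sanitizing before save: entities end up in the row.
function sanitize_on_input(string $raw): string {
    return htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
}

// Hypothetical model of $html->input(); $escape mirrors the "escape" key.
function render_input(string $name, string $value, bool $escape = true): string {
    if ($escape) {
        $value = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    }
    return '<input name="' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8')
         . '" value="' . $value . '" />';
}

$raw = 'Tom & Jerry "classics"';          // constructed sample input

// 1. Encoded before save and again on output: the "&" of every stored
//    entity is encoded a second time, so the browser displays the entity.
$stored = sanitize_on_input($raw);
echo render_input('title', $stored), "\n";

// 2. Escaping switched off: correct for this row, but only because the
//    write path that produced it ran the sanitizer.
echo render_input('title', $stored, false), "\n";

// 3. A row from a write path that skipped the sanitizer (constructed).
//    With escaping off, its double quote closes the value attribute early.
$legacy = '19" monitor & stand';
echo render_input('title', $legacy, false), "\n";

// 4. Store the raw text and escape once, at output. Works for both rows.
echo render_input('title', $raw), "\n";
echo render_input('title', $legacy), "\n";

// 5. One-off repair for rows already saved in encoded form: decode back to
//    raw text, then rely on output escaping from then on.
$repaired = html_entity_decode($stored, ENT_QUOTES, 'UTF-8');
var_dump($repaired === $raw);
```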