[symfony-users] Unescaping HTML content
Hi all, I have a Page model with a content property. This content contains HTML coming from the tinymce WYSIWYG editor, but when I do : ?php // ... echo $page-getContent(); // ? The HTML tags are escaped, which is good but I don't want Symfony to escape this one. Here is what I tried : ?php slot('title', $page-getTitle()); echo sfOutputEscaper::unescape($page-getContent()) ; ? But it doesn't work either... I even tried: var_dump($page-getContent()); just to check what I received, and even what is returned by var_dump( xdebug is installed and activated), is escaped ! pre class='xdebug-var-dump' dir='ltr'smallstring/small font color='#cc''lt;pgt;lt;stronggt;Lorem ipsum dolor sit ametlt;/stronggt;, consectetur adipiscing elit. Maecenas dapibus lobortis posuere. Vestibulum tempus commodo diam. Quisque suscipit fermentum lacus ac venenatis. Mauris ac nibh id purus eleifend accumsan sed vitae nulla. Vestibulum fermentum leo vitae odio rhoncus ac commodo orci sagittis. Ut pharetra neque id mauris tincidunt eu sodales felis sollicitudin. Mauris eu gravida nibh. Pellentesque eros risus, facilisis et interdum nec, fringilla a nisi. Fusce matti'.../font i(length=1089)/i /pre Is there anybody to explain it to me ? Thanks a lot ! Romain -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Unescaping HTML content
Hi, try $page-getContent('ESC_RAW'); or setup the default escaping behaviour in settings.yml check this: http://www.symfony-project.org/book/1_2/07-Inside-the-View-Layer#chapter_07_output_escaping Giorgio Mandolini 2010/3/11 Romain Pouclet pall...@gmail.com Hi all, I have a Page model with a content property. This content contains HTML coming from the tinymce WYSIWYG editor, but when I do : ?php // ... echo $page-getContent(); // ? The HTML tags are escaped, which is good but I don't want Symfony to escape this one. Here is what I tried : ?php slot('title', $page-getTitle()); echo sfOutputEscaper::unescape($page-getContent()) ; ? But it doesn't work either... I even tried: var_dump($page-getContent()); just to check what I received, and even what is returned by var_dump( xdebug is installed and activated), is escaped ! pre class='xdebug-var-dump' dir='ltr'smallstring/small font color='#cc''lt;pgt;lt;stronggt;Lorem ipsum dolor sit ametlt;/stronggt;, consectetur adipiscing elit. Maecenas dapibus lobortis posuere. Vestibulum tempus commodo diam. Quisque suscipit fermentum lacus ac venenatis. Mauris ac nibh id purus eleifend accumsan sed vitae nulla. Vestibulum fermentum leo vitae odio rhoncus ac commodo orci sagittis. Ut pharetra neque id mauris tincidunt eu sodales felis sollicitudin. Mauris eu gravida nibh. Pellentesque eros risus, facilisis et interdum nec, fringilla a nisi. Fusce matti'.../font i(length=1089)/i /pre Is there anybody to explain it to me ? Thanks a lot ! Romain -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.comsymfony-users%2bunsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Unescaping HTML content
It does not change anything, I really don't get why and more importantly why my $page variable classname is sfOutputEscaperIteratorDecorator? That doesn't make any sense :/ I tried to deactivate the escaping, and I got my HTML properly displayed, the problem is somewhere else... Le 11 mars 2010 à 15:04, Giorgio Mandolini a écrit : Hi, try $page-getContent('ESC_RAW'); or setup the default escaping behaviour in settings.yml check this: http://www.symfony-project.org/book/1_2/07-Inside-the-View-Layer#chapter_07_output_escaping Giorgio Mandolini 2010/3/11 Romain Pouclet pall...@gmail.com Hi all, I have a Page model with a content property. This content contains HTML coming from the tinymce WYSIWYG editor, but when I do : ?php // ... echo $page-getContent(); // ? The HTML tags are escaped, which is good but I don't want Symfony to escape this one. Here is what I tried : ?php slot('title', $page-getTitle()); echo sfOutputEscaper::unescape($page-getContent()) ; ? But it doesn't work either... I even tried: var_dump($page-getContent()); just to check what I received, and even what is returned by var_dump( xdebug is installed and activated), is escaped ! pre class='xdebug-var-dump' dir='ltr'smallstring/small font color='#cc''lt;pgt;lt;stronggt;Lorem ipsum dolor sit ametlt;/stronggt;, consectetur adipiscing elit. Maecenas dapibus lobortis posuere. Vestibulum tempus commodo diam. Quisque suscipit fermentum lacus ac venenatis. Mauris ac nibh id purus eleifend accumsan sed vitae nulla. Vestibulum fermentum leo vitae odio rhoncus ac commodo orci sagittis. Ut pharetra neque id mauris tincidunt eu sodales felis sollicitudin. Mauris eu gravida nibh. Pellentesque eros risus, facilisis et interdum nec, fringilla a nisi. Fusce matti'.../font i(length=1089)/i /pre Is there anybody to explain it to me ? Thanks a lot ! Romain -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Unescaping HTML content
It's because objects and variable are escaped before being passed to the view. Are you echoing your content inside a slot (or partial?) that might be automatically or manually escaped after that? On Thu, Mar 11, 2010 at 4:52 PM, Romain Pouclet pall...@gmail.com wrote: It does not change anything, I really don't get why and more importantly why my $page variable classname is sfOutputEscaperIteratorDecorator? That doesn't make any sense :/ I tried to deactivate the escaping, and I got my HTML properly displayed, the problem is somewhere else... Le 11 mars 2010 à 15:04, Giorgio Mandolini a écrit : Hi, try $page-getContent('ESC_RAW'); or setup the default escaping behaviour in settings.yml check this: http://www.symfony-project.org/book/1_2/07-Inside-the-View-Layer#chapter_07_output_escaping Giorgio Mandolini 2010/3/11 Romain Pouclet pall...@gmail.com Hi all, I have a Page model with a content property. This content contains HTML coming from the tinymce WYSIWYG editor, but when I do : ?php // ... echo $page-getContent(); // ? The HTML tags are escaped, which is good but I don't want Symfony to escape this one. Here is what I tried : ?php slot('title', $page-getTitle()); echo sfOutputEscaper::unescape($page-getContent()) ; ? But it doesn't work either... I even tried: var_dump($page-getContent()); just to check what I received, and even what is returned by var_dump( xdebug is installed and activated), is escaped ! pre class='xdebug-var-dump' dir='ltr'smallstring/small font color='#cc''lt;pgt;lt;stronggt;Lorem ipsum dolor sit ametlt;/stronggt;, consectetur adipiscing elit. Maecenas dapibus lobortis posuere. Vestibulum tempus commodo diam. Quisque suscipit fermentum lacus ac venenatis. Mauris ac nibh id purus eleifend accumsan sed vitae nulla. Vestibulum fermentum leo vitae odio rhoncus ac commodo orci sagittis. Ut pharetra neque id mauris tincidunt eu sodales felis sollicitudin. Mauris eu gravida nibh. Pellentesque eros risus, facilisis et interdum nec, fringilla a nisi. Fusce matti'.../font i(length=1089)/i /pre Is there anybody to explain it to me ? Thanks a lot ! Romain -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Unescaping HTML content
I finally figured it out, this is what I found when I looked at my colleague layout.php : http://up.r12t.fr/94fc46c2.png He was passing $sf_content to a partial, so escaping then unescaping in my template, and finally re-escaping in the partial T_T Thanks for your time anyway :) Le 11 mars 2010 à 16:59, Marc Weistroff a écrit : It's because objects and variable are escaped before being passed to the view. Are you echoing your content inside a slot (or partial?) that might be automatically or manually escaped after that? On Thu, Mar 11, 2010 at 4:52 PM, Romain Pouclet pall...@gmail.com wrote: It does not change anything, I really don't get why and more importantly why my $page variable classname is sfOutputEscaperIteratorDecorator? That doesn't make any sense :/ I tried to deactivate the escaping, and I got my HTML properly displayed, the problem is somewhere else... Le 11 mars 2010 à 15:04, Giorgio Mandolini a écrit : Hi, try $page-getContent('ESC_RAW'); or setup the default escaping behaviour in settings.yml check this: http://www.symfony-project.org/book/1_2/07-Inside-the-View-Layer#chapter_07_output_escaping Giorgio Mandolini 2010/3/11 Romain Pouclet pall...@gmail.com Hi all, I have a Page model with a content property. This content contains HTML coming from the tinymce WYSIWYG editor, but when I do : ?php // ... echo $page-getContent(); // ? The HTML tags are escaped, which is good but I don't want Symfony to escape this one. Here is what I tried : ?php slot('title', $page-getTitle()); echo sfOutputEscaper::unescape($page-getContent()) ; ? But it doesn't work either... I even tried: var_dump($page-getContent()); just to check what I received, and even what is returned by var_dump( xdebug is installed and activated), is escaped ! pre class='xdebug-var-dump' dir='ltr'smallstring/small font color='#cc''lt;pgt;lt;stronggt;Lorem ipsum dolor sit ametlt;/stronggt;, consectetur adipiscing elit. Maecenas dapibus lobortis posuere. Vestibulum tempus commodo diam. Quisque suscipit fermentum lacus ac venenatis. Mauris ac nibh id purus eleifend accumsan sed vitae nulla. Vestibulum fermentum leo vitae odio rhoncus ac commodo orci sagittis. Ut pharetra neque id mauris tincidunt eu sodales felis sollicitudin. Mauris eu gravida nibh. Pellentesque eros risus, facilisis et interdum nec, fringilla a nisi. Fusce matti'.../font i(length=1089)/i /pre Is there anybody to explain it to me ? Thanks a lot ! Romain -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en