Skip to content Skip to sidebar Skip to footer
Home / Bbcode / Ckeditor / Html / Php / Symfony1

Show Html Tags In Template - Symfony And Ckeditor. How Safety?

Post a Comment
i use Symfony 1.4 and Doctrine 1.2. I installed plugin http://www.symfony-project.org/plugins/sfCkPlugin if i add net data from form this working ok, but in template this show me

Solution 1:

This is happening because of the output escaper in symfony.

You can fix it by calling getRawValue() on the data:

$obj->getDesc()->getRawValue();

Bear in mind that if you do this, you need to ensure that the html/javascript/whatever else has been entered is safe to output on the page. If it's coming from a backend, you are probably ok. But if it's coming from end users, you should ensure you make it safe (block XSS attacks, prevent html that breaks the layout, etc). It's a big topic!

Post a Comment for "Show Html Tags In Template - Symfony And Ckeditor. How Safety?"