[nycphp-talk] PHP function to execute HTML tags
Rob Marscher
rmarscher at beaffinitive.com
Wed Apr 4 03:10:12 EDT 2012
On Apr 3, 2012, at 5:44 PM, tuon1 at netzero.net wrote:
> Can you guys tell me what the PHP function that executes HTML tags when the content from the database contains HTML tags get dumped onto the webpage?
>
> What I am talking about is that when HTML tags got stored in the database, it gets treated like ordinary plain texts and when those plain texts get dumped onto the webpage, the browser treats or displays them as texts.
>
As Lester mentioned, it sounds like your html was escaped when it was stored to the database. Another possibiliy is that you are using some type of framework (like Zend, Symfony, Cake, etc) that is automatically escaping output. If you are using a framework, let us know what it is. Just a guess, but how about this:
echo stripslashes($html);
http://php.net/stripslashes
or if that doesn't work
echo html_entity_decode($html);
http://php.net/html_entity_decode
Just be very careful about this html in your database. If it's being entered by a user, that's a very common source of security exploits in php. You need to make sure to clean it in some way. HtmlPurifier is a library that can do this for you - http://htmlpurifier.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20120404/a2e0224b/attachment.html>
More information about the talk
mailing list