0

I've been trying to echo html already created by the user (Using TinyMCE) into another page in the application. The problem I keep running into is the tags are echoed into their HTML equivalents (e.g. &gt; instead of <) so they show up on the page instead of effecting the markup.

How do I get CakePHP to display the content as HTML instead of just echoing it?

Improve this question
4
  • 3
    As a note, this is generally a very bad idea, since allowing users to input arbitrary HTML that gets displayed is the basis of XSS attacks. Commented Dec 28, 2012 at 15:35
  • 2
    You should show the code you use to echo the content. Helper functions generally have an escape => false option. Commented Dec 28, 2012 at 15:36
  • @Wooble Normally I would fear XSS attacks, but the input comes from trusted users and is displayed only to other trusted users. In future versions, I will filter out <script> tags and the like in the beforeFilter. Commented Dec 28, 2012 at 19:39
  • @Juhana I am just using an echo statement in the view. I tried to find a relevant helper method, but I could not. Commented Dec 28, 2012 at 19:40

1 Answer 1

Reset to default
2

Try using html_entity_decode.

echo html_entity_decode($theirHTML);
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

That did it! It's weird, I tried this before and it didn't work. Thanks so much!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.