2

I am making a content entry with TinyMCE in codeigniter. However the output source is like the following and does not show < and >. Instead it shows HTML enties like &lessthan; and &greaterthan; etc.

The entry is made by admin after logged in.

Output comes from database.

I took out escape in model, but it still does the same thing.

Also I have a config setting, $config['global_xss_filtering'] = FALSE;

So I want to add html_entity_decode. But the $page_data is an array. The array has id, title, content and slug which is used for page item.

Could anyone tell me how to do it please?

Output example:

&lt;p&gt;&lt;img src=&quot;images/icon1.png&quot; border=&quot;0&quot;
alt=&quot;icon&quot; width=&quot;48&quot; height=&quot;48&quot; /&gt;
Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Model code:

<?php

class Pagemodel extends Model 
{
....
...

/** 
* Return an array of a page — used in the front end
*
* @access public
* @param string
* @return array
*/
function fetch($slug)
{
    $query = $this->db->query("SELECT * FROM `pages` WHERE `slug` = '$slug'");
    return $query->result_array();
}


...
...

}

?>

Controller code:

function index()
{
    $page_slug = $this->uri->segment('2'); // Grab the URI segment

    if($page_slug === FALSE)
    {
        $page_slug = 'home';
    }

$page_data = $this->pages->fetch($page_slug); // Pull the page data from the database

    if($page_data === FALSE)
    {
        show_404(); // Show a 404 if no page exists
    }
    else
    {
        $this->_view('index', $page_data[0]);
    }
}
Improve this question
4
  • where does the output come from? From the database? Or from your view? Commented Sep 28, 2009 at 6:43
  • Beware of suppressing the conversion; it is there for your protection. Commented Sep 28, 2009 at 7:18
  • @Natrium: It comes from database and I added the model. @Jonathan: As I added in the original post, the entry is done after logged in, so it should be ok. Commented Sep 28, 2009 at 7:50
  • Why do you use character entity references in the first place? Commented Sep 28, 2009 at 10:53

2 Answers 2

Reset to default
1

If I got you correctly you want to pass 'html_entity_decode.' to all fields that are returned from your database. You can easily add something to your fetch function:

function fetch($slug)
{
    $query = $this->db->query("SELECT * FROM `pages` WHERE `slug` = '$slug'");
    for($i=0; $i<$query->num_rows(); $i++)
    {
        $html_decoded[$i]['id'] = html_entity_decode($query->id);
        $html_decoded[$i]['title'] = html_entity_decode($query->title);
        $html_decoded[$i]['content'] = html_entity_decode($query->content);
        $html_decoded[$i]['slug'] = html_entity_decode($query->slug);
    }

    return  $html_decoded;
}

If I got your question right that should do what you want.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

If you prefer avoid cycling on the resultset, you can use the facilities of

array_map()

and do something like this:

function fetch( $slug )
{
    $query = $this->db->query( "SELECT * FROM `pages` WHERE `slug` = '$slug'" );
    return array_map( array( $this, decodearray ), $query->result_array());
}

function decodearray( $myarray ){
    return html_entity_decode( $myarray,ENT_QUOTES );
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.