Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

html_entity_decode() isn't working properly?

EDIT: I solved it seconds after posting the question (sorry!) but can't accept an answer yet.

Hi folks,

Just a quick one. I have a PHP/CodeIgniter site and the user can edit their profile. I'm using CI's XSS Filtering and Active Record-based Models, so the data is escaped automatically.

It naturally displays fine on the profile page view, text such as "We'll see if this works" (the apostrophe in the we'll). However when the user goes to the Edit page, the input box (filled with the data in the DB) displays:

We'll see if this works

I thought I could get around it by setting the value of the input box to html_entity_decode($query->row('example_database_row')) but it still doesn't work. Am I misunderstanding something here?

Thanks!

Jack

like image 354
Jack Avatar asked Jul 25 '10 09:07

Jack


1 Answers

You can use html_entity_decode($query->row('example_database_row'), ENT_QUOTES).

However, I would advise against HTML encoding before you insert it into the database. Just encode it when you output it. It's better just storing the raw data in the database.

like image 86
Daniel Egeberg Avatar answered Oct 10 '22 22:10

Daniel Egeberg