-1

When I edit a data value, the output it prints includes the HTML entity along with the value itself.

Example:

  • Expected text: Absence &
  • Obtained text: <p>Ausence &amp;</p>

I'm using Code Igniter 4 and MySQL for the database, and CKEditor text editor to modify the mentioned fields.

The collations that I use in the database is "utf8mb4_0900_ai_ci" and "utf8mb4_general_ci" in the fields "text type" of the table.

I've tried changing the collations of both the database and the tables to no avail in PhpMyAdmin.

Would someone know how to help me?

Thanks!!!

Mark Tolonen
  • 166,664
  • 26
  • 169
  • 251
Javier Mera
  • 1
  • 2
  • Log the value before and after editing. Looks like CKEditor is adding extra line breaks. – ejazazeem Dec 28 '22 at 11:24
  • But be careful how you "log the value" -- if you are logging through a browser, it will interpret the entities. Use `SELECT HEX(col) ...` to see what is really in the database. – Rick James Dec 28 '22 at 22:58
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Dec 29 '22 at 12:02

1 Answers1

0

Escaping field values

You may need to use HTML and characters such as quotes within your form elements. In order to do that safely, you’ll need to use common function esc().

Consider the following example:

<?php

$string = 'Here is a string containing "quoted" text.';

?>

<input type="text" name="myfield" value="<?= $string ?>" />

Since the above string contains a set of quotes, it will cause the form to break. The esc() function converts HTML special characters so that it can be used safely:

<input type="text" name="myfield" value="<?= esc($string) ?>" />
steven7mwesigwa
  • 5,701
  • 3
  • 20
  • 34