always the same^^ no sanitizing necessary, just use h($var) in the view
and for textareas nl2br(h($var)), that's all

On 21 Aug., 16:55, ezekfred <[email protected]> wrote:
> Hello,
>
> I'm having some issues with my views.
>
> add.ctp: echo $form->input('theanswer');
> view.ctp: echo $data['theanswer'];
>
> in my database theanswer is a TEXT field
>
> I just want to allow people make use of carriage return,
> I want to display these CR in view.ctp and index.ctp
> but I don't want them to write scripts like <script>alert
> ("EXPLETIVES!!!")</script>
>
> I've tried to sanitize::clean the input, to sanitize::html the output
> but I'm unable to get an output like that:
> "Line1
> Line2
> ...."
>
> Has anyone an idea?
>
> thanks for your help!
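An added example, not part of the original thread: it runs the `nl2br(h($var))` advice from the reply on a constructed textarea value and compares it with the raw echo and with the two calls in the wrong order. The `h()` defined here is a stand-in so the file runs outside CakePHP; it assumes the framework helper behaves like `htmlspecialchars()`.

```php
<?php
// Stand-in for CakePHP's h() so this runs outside the framework
// (assumption: h() escapes HTML special characters like htmlspecialchars()).
if (!function_exists('h')) {
    function h($text) {
        return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
    }
}

// Constructed sample of what a user could submit in the 'theanswer' textarea.
$theanswer = "Line1\nLine2\n<script>alert(\"EXPLETIVES!!!\")</script>";

$variants = array(
    // Raw echo, as in the original view.ctp: the browser interprets the
    // markup and collapses the line breaks.
    'raw echo'   => $theanswer,
    // Escape first, then convert newlines: user markup becomes inert text
    // and the only real tags are the <br /> elements nl2br() adds.
    'nl2br(h())' => nl2br(h($theanswer)),
    // Wrong order: the <br /> tags are escaped as well, so readers see
    // literal "&lt;br /&gt;" text instead of line breaks.
    'h(nl2br())' => h(nl2br($theanswer)),
);

foreach ($variants as $label => $html) {
    echo "--- $label ---\n$html\n\n";
}

// Sanity checks on the recommended form.
$safe = $variants['nl2br(h())'];
$checks = array(
    'no live <script> tag'     => strpos($safe, '<script>') === false,
    'script shown as text'     => strpos($safe, '&lt;script&gt;') !== false,
    'one <br /> per newline'   => substr_count($safe, '<br />') === substr_count($theanswer, "\n"),
    'wrong order loses breaks' => strpos($variants['h(nl2br())'], '<br') === false,
);

foreach ($checks as $name => $ok) {
    echo ($ok ? 'PASS' : 'FAIL') . ": $name\n";
}
```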
