Thread: Storing HTML: HTML entities being rendered in that raw form
Hi all, I have stored HTML in a text field that I subsequently render on the web. However when I retrieve and render this data on the web I am getting the entities being rendered in their raw form, ie, instead of getting the '&' symbol when '&' is stored I'm getting the 'raw' '&'. I would be grateful if anyone can point out how I can get around this. Best
On 09/04/2009 17:27, linnewbie wrote: > I have stored HTML in a text field that I subsequently render on the > web. However when I retrieve and render this data on the web I am > getting the entities being rendered in their raw form, ie, instead of > getting the '&' symbol when '&' is stored I'm getting the 'raw' > '&'. Can you show us how you're storing the HTML? If you're sending the ampersands into the database as '&', then that's what's going to get stored, and so that's what you're going to get back. Postgres doesn't change '&' -> '&', you'll need to do that yourself before sending it to the database. Ray. ------------------------------------------------------------------ Raymond O'Donnell, Director of Music, Galway Cathedral, Ireland rod@iol.ie Galway Cathedral Recitals: http://www.galwaycathedral.org/recitals ------------------------------------------------------------------
On Apr 9, 2009, at 9:27 AM, linnewbie wrote: > Hi all, > > I have stored HTML in a text field that I subsequently render on the > web. However when I retrieve and render this data on the web I am > getting the entities being rendered in their raw form, ie, instead of > getting the '&' symbol when '&' is stored I'm getting the 'raw' > '&'. > > I would be grateful if anyone can point out how I can get around this. > It's a problem in your code, not the database. You're probably escaping it one time to many or unescaping it one time too few. Cheers, Steve
On Apr 9, 1:00 pm, st...@blighty.com (Steve Atkins) wrote: > On Apr 9, 2009, at 9:27 AM, linnewbie wrote: > > > Hi all, > > > I have stored HTML in a text field that I subsequently render on the > > web. However when I retrieve and render this data on the web I am > > getting the entities being rendered in their raw form, ie, instead of > > getting the '&' symbol when '&' is stored I'm getting the 'raw' > > '&'. > > > I would be grateful if anyone can point out how I can get around this. > > It's a problem in your code, not the database. You're probably > escaping it one time to many or unescaping it one time too few. > > Cheers, > Steve > > -- > Sent via pgsql-general mailing list (pgsql-gene...@postgresql.org) > To make changes to your subscription:http://www.postgresql.org/mailpref/pgsql-general To clarify, I am not escaping the string in any way. Say the page I am saving the database is the about us page form a company website. First, make a from to create the about us page in a text area field, then I copy the html from my text editor and past it ino this text area from. I then have a cgi script which takes the contents from the text area field and stores it in the database. What I have on disk would be: ................................ .............................. <p> Bonnie & Clyde</p> which would usually be rendered as: Bonnie & Clype but this is not happening, it's being rendered as: Bonnie & Clyde
linnewbie wrote: > What I have on disk would be: > > <p> Bonnie & Clyde</p> > > which would usually be rendered as: > > Bonnie & Clype > > but this is not happening, it's being rendered > as: > > Bonnie & Clyde There are only three options. 1. That is *not* what you have stored in the database, it's being escaped on the way in. 2. You aren't displaying what *is* stored in the database, it's being escaped on the way out. 3. You are rendering it as text, not HTML Break your problem into pieces and test each in turn. Store exactly that string and check it with psql. Examine exactly what you have when you read it from the database. Display two copies - one you have from the database and one you manually set in a variable. Do they differ? -- Richard Huxton Archonet Ltd
linnewbie wrote: > On Apr 9, 1:00 pm, st...@blighty.com (Steve Atkins) wrote: >> On Apr 9, 2009, at 9:27 AM, linnewbie wrote: >> >>> Hi all, >>> I have stored HTML in a text field that I subsequently render on the >>> web. However when I retrieve and render this data on the web I am >>> getting the entities being rendered in their raw form, ie, instead of >>> getting the '&' symbol when '&' is stored I'm getting the 'raw' >>> '&'. >>> I would be grateful if anyone can point out how I can get around this. >> It's a problem in your code, not the database. You're probably >> escaping it one time to many or unescaping it one time too few. >> >> Cheers, >> Steve >> >> -- >> Sent via pgsql-general mailing list (pgsql-gene...@postgresql.org) >> To make changes to your subscription:http://www.postgresql.org/mailpref/pgsql-general > > To clarify, I am not escaping the string in any way. > > Say the page I am saving the database is the about us page form a > company website. > First, make a from to create the about us page in a text area field, > then I copy the > html from my text editor and past it ino this text area from. I then > have a cgi script which > takes the contents from the text area field and stores it in the > database. > > What I have on disk would be: > > ................................ > .............................. > <p> Bonnie & Clyde</p> > > which would usually be rendered as: > > Bonnie & Clype > > but this is not happening, it's being rendered > as: > > Bonnie & Clyde That's because, as someone else suggested, something is quoting the &. In order to be rendered 'Bonnie & Clyde' by the browser, it needs to be 'Bonnie & Clyde' in the HTML (just view the HTML source from inside the browser). You haven't provided any detail on the rendering phase, BTW. .TM.