Tuesday, December 16, 2014

Re: Save not escape only field CakePHP 2

Actually, the save() etc don't modify your data.
They simply store it the same way you give it to them.
It might only be displayed this way in your sql backend.


Am Dienstag, 16. Dezember 2014 11:44:08 UTC+1 schrieb Rafael Queiroz:
It's a requirement for project, i have no details, just save and deliver data.
Thanks John.

On Mon, Dec 15, 2014 at 4:39 PM, John Andersen <j.ande...@gmail.com> wrote:
Hi Rafael

According to the CakePHP book 2.x, then CakePHP automatically escapes the Model::save and the Model::find methods, so that your data will be escaped and saved in the database, but will be un-escaped when you read it back again.

Near this location in the CakePHP book:
http://book.cakephp.org/2.0/en/models/retrieving-your-data.html#complex-find-conditions

There was no mention of a possibility to turn it off, but it did mention that you could use Model::query instead, although not recommended as it gives the possibility for SQL injection to happen.

Near this location in the CakePHP book:
http://book.cakephp.org/2.0/en/models/retrieving-your-data.html#model-query

Why do you need the content to be non-escaped in the database?
Enjoy, John


On Monday, 15 December 2014 15:11:50 UTC+2, Rafael Queiroz wrote:
Hi guys,

I mockup this data for save:

'Banner' => array(
    'title' => 'Test',
    'link' => 'test',
    'content' => '<div class="banner-content">
                    <div class="container">
                        <figure>
                            <img src="img/banner/desconto-10-novo.jpg" width="1000" height="292" alt="">
                        </figure>
                    </div>
                </div>',
    'start' => '2014-12-15',
    'expires' => '',
    'position' => '1',
    'active' => '1'
)

My problem happens after save, the content field in database:

'<div class=\"banner-content\">\n                        <div class=\"container\">\n                            <figure>\n                                <img src=\"img/banner/desconto-10-novo.jpg\" width=\"1000\" height=\"292\" alt=\"\">\n                            </figure>\n                        </div>\n                    </div>'

I don't want  escape only content field, i want save equal (===) to mockup data, any solutions? Thanks.


--
Regards,

Rafael F. Queiroz

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+u...@googlegroups.com.
To post to this group, send email to cake...@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.


--
Atenciosamente,

Rafael F. Queiroz

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.

No comments: