I have a small problem when I use the jQuery append to display elements returned from a PHP query.
Note: this is not the full append, it is a little extensive and I put only the part I need you to see.
$("#topics").append('<div class="topic_sumario">'+dados.sumario+'</div>')
The summary is a field in my table of topics that is added and edited with a textarea using TinyMCE. The problem is that when the append displays the summary, it shows all the HTML tags coming from TinyMCE, example:
It's as if it is not recognizing the tags and is displaying everything as a string.
I want it to recognize all the formatting TinyMCE does, such as bold, italic, or the embed of a video etc... but the way it is will not work.
console.log(dados.sumario); shows what? What information was actually stored in the database table? – Isac
In the DB everything is stored in utf8: "&lt;p&gt;test of &lt;Strong&gt;tags&lt;/Strong&gt;&lt;/p&gt;" and the console.log displays exactly what is in the DB @Isac – Leandro Silva Campos
&lt; is the same thing as <, so it's just the representation of the character < and not the character itself. If you want, you can literally replace what comes from the database with replace, but be careful that this can be dangerous when it comes to XSS attacks, that is, assuming that it is the user who inserts data into this table – Isac
But what are my options then beyond that? @Isac – Leandro Silva Campos
The reason why the characters are stored as &lt; and &gt; instead of < and > is to prevent such attacks. If you are sure that you only have non-hazardous tags in the data (<script> would be one of the dangerous ones), then it is safe to do
$("#topics").append('<div class="topic_sumario">'+dados.sumario.replace(/&lt;/g, '<').replace(/&gt;/g, '>') +'</div>')
– Isac
Did the answer below not resolve it? – Sam
@Sam In fact, I forgot to mark it as resolved. – Leandro Silva Campos
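
An added example, not part of the original thread: one way to do the decode-then-append discussed in the comments while keeping only tags known to be harmless, so that `<script>` and anything carrying attributes stays visible as text instead of becoming markup. The names `ALLOWED`, `decodeEntities` and `renderStoredHtml` and the allowlist itself are assumptions; the sample strings in the comments are constructed.

```javascript
// Added example; names and the allowlist are hypothetical choices.
// Tags that may be re-activated after decoding. No attributes are ever kept.
const ALLOWED = new Set(['p', 'br', 'strong', 'b', 'em', 'i', 'u', 'ul', 'ol', 'li']);
const ESC = { '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Undo ONE level of entity encoding. &amp; is handled last so that the
// stored text "&amp;lt;" becomes "&lt;" and is not decoded again into "<".
function decodeEntities(s) {
  return s.replace(/&lt;/g, '<').replace(/&gt;/g, '>')
    .replace(/&quot;/g, '"').replace(/&#0?39;/g, "'")
    .replace(/&amp;/g, '&');
}

// Decode the stored value, then walk it once: a bare allowlisted tag
// (<strong>, </p>, <br/>) is emitted as markup; every other <, >, " or '
// (unknown tags, tags with attributes, stray brackets) is escaped again.
function renderStoredHtml(stored) {
  const tagOrSpecial = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)\s*\/?>|[<>"']/g;
  return decodeEntities(String(stored)).replace(tagOrSpecial, (m, slash, name) => {
    if (name && ALLOWED.has(name.toLowerCase())) {
      return '<' + slash + name.toLowerCase() + '>';
    }
    return m.replace(/[<>"']/g, (c) => ESC[c]);
  });
}

// Constructed sample, shaped like the value quoted in the thread:
//   renderStoredHtml('&lt;p&gt;test of &lt;strong&gt;tags&lt;/strong&gt;&lt;/p&gt;')
// In the page's append call this would be used as:
//   $("#topics").append('<div class="topic_sumario">' +
//       renderStoredHtml(dados.sumario) + '</div>');
```

Because attributes are never passed through, styled paragraphs, links and video embeds come out as escaped text; content that needs those calls for a DOM-based sanitizer such as DOMPurify with its own allowlist rather than a longer regex.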