I've sanitized my form's input (textarea field) and when I display it on my view it comes out like this:
<p>I\'m in it to win it!! I\'m looking forward to playing the contest in <br />Contest Central. He aims to cross-pollinate the stage, screen and stereo <br />with work that speaks to both the humor and frustrations of modern life.</p>
In my controller I have this:
public function init(){
 $this->view->setEscape('html_entity_decode');
 $this->view->setEscape('stripslashes');
}
But only one works, if I erase one the setEscape then the other works and vice versa. So I开发者_Python百科 can get stripslashes to work if I put it first but html_entity_decode wont work and vice versa
You need to define your own function that should be used for escaping. For example, you can defined a class My_Tools in library/My/Tools.php as follows:
<?php
#Tools.php
class My_Tools {
    /**
     * My custom escape function
     *
     * @param string $str String to be escaped
     * @return string Escaped string
     */
    static function myEscape($str) {
        $str = html_entity_decode($str);
        return stripslashes($str);
    }
}
?>
Then, your init() could have the following form:
public function init() {
    require_once(APPLICATION_PATH . '/../library/My/Tools.php');
    $this->view->setEscape(array('My_Tools', 'myEscape'));
}
Off course it would be better to add Tools to Autoloader, but for this is just an example.
 
         
                                         
                                         
                                         
                                        ![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif) 
                                         
                                         
                                         
                                         加载中,请稍侯......
 加载中,请稍侯......
      
精彩评论