Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Template Questions

&gt; and &lt; Rendered in Template Instead of <>


Reply

8 Posts   3350 Views

Avatar
Garrett

10 March 2012 at 5:44am Community Member, 245 Posts

Hi,

I am having a hell of a time rendering a $Title variable in the template which contains HTML. Somewhere between the controller and the template

< and >

are being replaced with

&lt; and &gt;

as well as many other characters. I've tried absolutely everything to prevent this and to re-replace them but to no avail. The title is plain text in the database, but I have some titles which are Tweets, and so in the controller, in my DataObject::get() result I am parsing them to change the parts that are supposed to be links into links. They come back from the parser perfectly:

horngroup: <a href="http://twitter.com/#!/search?q=%23Apple" target="_blank">#Apple</a> Announces A $499 Retina-Equipped <a href="http://twitter.com/#!/search?q=%23iPad" target="_blank">#iPad</a> (It’s Just Called iPad) <a href="http://t.co/cFPe1HPg" target="_blank">http://t.co/cFPe1HPg</a> <a href="http://twitter.com/#!/search?q=%23appleevent" target="_blank">#appleevent</a>


But when I render $Title in the template, it looks like this:

horngroup: &lt;a href=&#39;http://twitter.com/#!/search?q=%23Apple&#39; target=&#39;_blank&#39;&gt;#Apple&lt;/a&gt;’s new &lt;a href=&#39;http://twitter.com/#!/search?q=%23iPad&#39; target=&#39;_blank&#39;&gt;#iPad&lt;/a&gt;: 9 features that matter &lt;a href=&#39;http://t.co/IOwFyCii&#39; target=&#39;_blank&#39;&gt;http://t.co/IOwFyCii&lt;/a&gt;

First of all, why is this happening, and second, how can I stop it? It seems I need a method ion the template itself to render it as HTML but I can't figure it out. Any help out there?

$stream_items = DataObject::get($table,
               "`Category`.`CategoryFilterURL` = '".$url."'","Date DESC",
               "LEFT JOIN `".$table."_Categories` ON `".$table."_Categories`.`".$table."ID` = `".$table."`.`ID`
               LEFT JOIN `Category` ON `Category`.`ID` = `".$table."_Categories`.`CategoryID`",
               $limit);
            foreach($stream_items as $stream_item) {
               
               $IsTweet = false;
               // if is Tweet
               if($stream_item->ClassName=="ExternalBlogEntry") {
                     
                  $IsTweet = true;
                     
                  $text = $stream_item->Title;
                  $text = $this->parseTweet($text);
                  $stream_item->Title = $text;
                  
               }
               $stream_item->IsTweet = $IsTweet;
            }
            return $stream_items;

The Title is a property within the $stream_items object.

Thanks,
Garrett

Avatar
Willr

12 March 2012 at 9:20pm Forum Moderator, 5511 Posts

Every field you output to the template is run through XML() to make sure it is HTML sure it doesn't cause trouble with XSS. If you field contains HTML which you want to be rendered, ensure it is a 'HTMLText' data type rather than Varchar.

Avatar
Garrett

13 March 2012 at 3:56am Community Member, 245 Posts

Hi @willr, thanks for replying - I had a feeling this was the issue, though I am very reluctant to modify core files. The Title field is declared in SiteTree.php. Is there a way to overload this field in mysite code, in _config.php or otherwise?

//Garrett

Avatar
Willr

13 March 2012 at 12:32pm Forum Moderator, 5511 Posts

Create a new variable for it and add it to the casting list

static $casting = array(
'HTMLTitle' => 'HTMLText'
);

function getHTMLTitle() {
return $this->Title;
}

Then use $HTMLTitle rather than $Title.

Avatar
Garrett

20 March 2012 at 4:52am Community Member, 245 Posts

Done-zo. Thanks as always @willr.

//Garrett

Avatar
s20529334

12 March 2014 at 6:11am Community Member, 2 Posts

Hello Willr,

To which file do I add this code you pasted in your previous comment? I'm quite new to PHP and Wordpress, please help. I have Google tracking code that I need to change as it's showing the following "&gt" instead of the greater as sign:

<p><!-- Google Code for Website Inquiry | Nanosoft | Web Design Conversion Page --><br />
<script type="text/javascript">
/* < ![CDATA[ */
var google_conversion_id = 1053283348;
var google_conversion_language = "en";
var google_conversion_format = "1";
var google_conversion_color = "ffffff";
var google_conversion_label = "_WroCLSMpQgQlKif9gM";
var google_remarketing_only = false;
/* ]]&gt; */
</script><br />
<script type="text/javascript" src="//www.googleadservices.com/pagead/conversion.js">
</script></p>
<noscript>
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="//www.googleadservices.com/pagead/conversion/1053283348/?label=_WroCLSMpQgQlKif9gM&amp;guid=ON&amp;script=0"/>
</div>
</noscript>

Avatar
Willr

12 March 2014 at 6:25pm Forum Moderator, 5511 Posts

This is because your field type doesn't support HTML . You need to make sure your Database field that you're rendering into your page is of type HTMLText *or* you have a wrapper which returns a field of HTMLText.

See http://doc.silverstripe.org/framework/en/topics/data-types for more information.

So for this case, you may have a field called 'GoogleCodeField' which is of type 'HTMLText'

private static $db = array(
'GoogleCodeField' => 'HTMLText'
);

public function getCMSFields() {
$fields = parent::getCMSFields();
$fields->addFieldToTab('Root.Main', new TextareaField('GoogleCodeField');

return $fields;
}

Avatar
s20529334

13 March 2014 at 2:49am Community Member, 2 Posts

Hello Willr,

I appreciate your help so far, however I'm still a bit confused. The piece of code you gave me in the forum below, do I just add this somewhere within that same PHP page with Google code or what? I'm quite new to PHP, but I only need to make this Google tracking code work. Also, where can I get an eBook to teach me all I need to know about this language?:

private static $db = array(
'GoogleCodeField' => 'HTMLText'
);

public function getCMSFields() {
$fields = parent::getCMSFields();
$fields->addFieldToTab('Root.Main', new TextareaField('GoogleCodeField');

return $fields;
}