Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo

Difference in templates between TEXT and VARCHAR

Go to End

4 Posts   2237 Views


Community Member, 501 Posts

29 October 2007 at 10:24am


I noticed there must be some difference in the way SS treats variables of a different fieldtype in a template.

In order to get working html out of a varchar variable, I have to use:


otherwise it is 'htmlspecialcharred'...
while with text it can just be


and to have that one 'cleaned' I need to use


Any clues on this one..?

I didn't expect this, couldn't find anything about this in


Administrator, 690 Posts

29 October 2007 at 10:42am

If you plan on storing HTML in a varchar variable, use the field type HTMLVarchar instead.

There is also an HTMLText variable that you should use. Text variables aren't escaped by default, but this is a bug in there for legacy reasons.

In short, use the field types with the "HTML" prefix, this tells the template systems not to escape the data before putting it in the template.


Community Member, 501 Posts

29 October 2007 at 10:52am


I wasn't planning on using HTML in them, just trying to crack it, see what would happen if I did and so I discovered the difference.

I was planning to use the built-in pagecomments but change them so users could use (some) html in them. By default I see that Text is used there, so maybe I better change this to HTMLText.


Administrator, 690 Posts

29 October 2007 at 1:39pm

That's right. You'll have to be careful not to allow cross-site scripting, of course! One thing that you could consider doing is making a new field type, called SafeHTMLText:

class SafeHTMLText extends Text {
  function SafeHTML() {
     return some_processing_of($this->value);

You can then make your Comment field of tpye SafeHTMLText, and in your template, put: