Gossamer Forum
Home : Products : Gossamer Forum : Development, Plugins and Globals :

Another annoying thing - EVERYTHING gets html_encoded!

Quote Reply
Another annoying thing - EVERYTHING gets html_encoded!
Hi,

How can I stop stuff I'm passing in a loop, from getting encoded?

Code:
my @entries;
while (my $hit = $sth->fetchrow_hashref) {
push @entries, $hit;
}

print GForum::Template->parse_print('guestbook_view.html' , { %$vars, entries_loop => \@entries } );

..and the value of $hit->{Contents} gets HTML encoded, thus shows all the HTML, instead of what its mean't to!

I've found a solution:
Code:
my @entries;
while (my $hit = $sth->fetchrow_hashref) {
push @entries, { %$hit, Contents => \$hit->{Contents} };
}

print GForum::Template->parse_print('guestbook_view.html' , { %$vars, entries_loop => \@entries } );

.. but surely there has to be a better way? :/

TIA

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] Another annoying thing - EVERYTHING gets html_encoded! In reply to
Either pass them back as references or unescape_html the variables (first method preferred). FYI, using GT::Template in escape mode (ie. how gforum is using it) is the proper way of doing things, which prevents many XSS vulnerabilities.

Adrian
Quote Reply
Re: [brewt] Another annoying thing - EVERYTHING gets html_encoded! In reply to
Hi,

Thanks again Smile

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!