Zend form and Zend filter HtmlEntities

2019-05-26 23:04发布

问题:

I have a registration form with a few fields. One of them looks like this:

        $first_name = new Zend_Form_Element_Text('first_name');
        $first_name ->setLabel("First name")
                    ->setRequired(true)
                    ->addFilter(new Zend_Filter_HtmlEntities());

I use the same form for editing user's details. The problem is with the Zend_filter_HtmlEntities. It does the job when I send the form's data to the database, it replaces html special chars with their alternatives. However, when I initialise this form and give it default values from a database record, Zend_filter_HtmlEntities filters those values again and I get some garbage in my input fields.

For example, in first name input field, instead of <b>Name, I get &amp;lt;b&amp;gt; Name

Which means that when the form is rendered with default values, element filters are applied again and < because &lt; :(

Is there an elegant solution to this problem, apart from reformatting the data before it gets passed to the form?

回答1:

Adding the Zend_Filter_HtmlEntities filter, I would avoid entirely. Instead, I'd worry about escaping html entities only when displaying the data back to the user.