Answer the question
In order to leave comments, you need to log in
Z
Z
Zikdelk2021-04-30 03:47:31
Zikdelk, 2021-04-30 03:47:31
How to display html code with tags in php?
I know that Html::stripTags is an output without html tags. And what should be replaced in this piece of code in order to display text with html tags?
if (!empty($arItem['PARAMS']['SECTION']) && !empty($arItem['PARAMS']['SECTION']['DESCRIPTION'])) {
$sDescription = Html::stripTags($arItem['PARAMS']['SECTION']['UF_OPIS'], ['br']);
} else if (!empty($arItem['PARAMS']['ELEMENT']) && !empty($arItem['PARAMS']['ELEMENT']['UF_OPIS'])) {
$sDescription = Html::stripTags($arItem['PARAMS']['ELEMENT']['UF_OPIS'], ['br']);
}If I just remove
$sDescription = $arItem['PARAMS']['ELEMENT']['UF_OPIS'], ['br'];then the code breaks.
1 answer(s)
@Compolomus
But this is a direct path to xss
You can add the necessary tags after the comma for forwarding
['br', 'a', 'i'] I'm not sure about the syntax, in the original function like this
https://www.php.net/manual/ru/ function.strip-tags.php
D
Dmitry, 2021-04-30 @Compolomus
if (!empty($arItem['PARAMS']['SECTION']) && !empty($arItem['PARAMS']['SECTION']['DESCRIPTION'])) {
$sDescription = $arItem['PARAMS']['SECTION']['UF_OPIS'];
} else if (!empty($arItem['PARAMS']['ELEMENT']) && !empty($arItem['PARAMS']['ELEMENT']['UF_OPIS'])) {
$sDescription = $arItem['PARAMS']['ELEMENT']['UF_OPIS'];
}But this is a direct path to xss
You can add the necessary tags after the comma for forwarding
['br', 'a', 'i'] I'm not sure about the syntax, in the original function like this
https://www.php.net/manual/ru/ function.strip-tags.php
// Начиная с PHP 7.4.0, строка выше может быть записана как: // echo strip_tags($text, ['p', 'a']);
Similar questions
K
V
C
B
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question