MySQL
badicean, 2015-10-09 17:02:48

How to store HTML in a database?

Please tell me how best to store HTML code if I have a visual post editor and the posts are formatted in this editor.
Now Doctrine saves the content of the posts to the database along with HTML tags, quotes and other things, as is. Doesn't this harm the security of the app? What is the best way to get it all out of the database?


1 answer(s)
Denis, 2015-10-09
@prototype_denis

Data can be sent not only through the browser where your editor is running.
You can also "communicate with the world" through the console, where the editor does not work, but the data is sent very simply.
Therefore, it harms the security of the application. (Except for rare situations)
habrahabr.ru/company/smartprogress/blog/202188 - For example, Yii
htmlpurifier.org library
https://github.com/ezyang/htmlpurifier repository
Instead of htmlpurifier, you can use any other libraries to work with client data.
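
Server-side sanitization with HTMLPurifier, shown as an added example that is not part of the original answer: the submitted post body is purified against an allowlist on the server and then stored through a bound parameter, so it does not matter whether the request came from the editor. The allowlist, the `post` table, the `buildPostPurifier` and `savePost` helpers and the in-memory SQLite stand-in are assumptions for illustration.

```php
<?php
// Added example, not code from the thread. Assumes: composer require ezyang/htmlpurifier
require __DIR__ . '/vendor/autoload.php';

// Allowlist of what the visual editor is expected to emit (assumed; match your toolbar).
function buildPostPurifier(): HTMLPurifier
{
    $config = HTMLPurifier_Config::createDefault();
    $config->set('HTML.Allowed', 'p,br,strong,em,ul,ol,li,blockquote,a[href],img[src|alt]');
    $config->set('URI.AllowedSchemes', ['http' => true, 'https' => true]);
    $config->set('Cache.DefinitionImpl', null); // skip the on-disk definition cache in this demo
    return new HTMLPurifier($config);
}

// Purify on the server at write time, then bind the result as a query parameter.
function savePost(PDO $db, HTMLPurifier $purifier, string $submittedHtml): int
{
    $clean = $purifier->purify($submittedHtml);
    $stmt = $db->prepare('INSERT INTO post (body) VALUES (:body)');
    $stmt->execute([':body' => $clean]);
    return (int) $db->lastInsertId();
}

// In-memory SQLite stands in for the MySQL/Doctrine setup from the question.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE post (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed request body, sent straight to the endpoint without the editor.
$submitted = '<p onclick="x()">Hello <strong>world</strong></p>'
    . '<script>alert(1)</script>'
    . '<a href="javascript:alert(1)">link</a>'
    . '<img src="https://example.com/a.png" onerror="x()" alt="pic">';

$id = savePost($db, buildPostPurifier(), $submitted);

$stmt = $db->prepare('SELECT body FROM post WHERE id = :id');
$stmt->execute([':id' => $id]);
echo $stmt->fetchColumn(), PHP_EOL; // stored markup contains only allowlisted tags and attributes
```

In a Doctrine entity the same `purify()` call would sit in the setter or a pre-persist step; Doctrine already binds values as parameters when it writes.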
