Laravel Escaping All HTML in Blade Template

PhpLaravelLaravel 4Laravel Blade

Php Problem Overview

I'm building a small CMS in Laravel and I tried to show the content (which is stored in the DB). It is showing the HTML tags instead of executing them. Its like there is an auto html_entity_decode for all printed data.

<?php

class CmsController extends BaseController
{
    public function Content($name)
    {    
        $data = Pages::where('CID', '=', Config::get('company.CID'))
            ->where('page_name', '=', $name)
            ->first();

        return View::make('cms.page')->with('content', $data);
    }
}

I tried to print the content using the curly brace.

{{ $content->page_desc }}

and triple curly brace.

{{{ $content->page_desc }}}

And they give the same result. I need to execute those HTML tags instead of escaping them.

Php Solutions

Solution 1 - Php

Change your syntax from {{ }} to {!! !!}.

As The Alpha said in a comment above (not an answer so I thought I'd post), in Laravel 5, the {{ }} (previously non-escaped output syntax) has changed to {!! !!}. Replace {{ }} with {!! !!} and it should work.

Solution 2 - Php

use this tag {!! description text !!}

Solution 3 - Php

I had the same issue. Thanks for the answers above, I solved my issue. If there are people facing the same problem, here is two way to solve it:

  • You can use {!! $news->body !!}
  • You can use traditional php openning (It is not recommended) like: <?php echo $string ?>

I hope it helps.

Solution 4 - Php

Include the content in {! <content> !} .

Solution 5 - Php

There is no problem with displaying HTML code in blade templates.

For test, you can add to routes.php only one route:

Route::get('/', function () {

        $data = new stdClass();
        $data->page_desc
            = '<strong>aaa</strong><em>bbb</em>
               <p>New paragaph</p><script>alert("Hello");</script>';

        return View::make('hello')->with('content', $data);
    }
);

and in hello.blade.php file:

<!doctype html>
<html lang="en">
<head>
	<meta charset="UTF-8">
</head>
<body>

{{ $content->page_desc }}

</body>
</html>

For the following code you will get output as on image

![Output][1]

So probably page_desc in your case is not what you expect. But as you see it can be potential dangerous if someone uses for example '

Solution 6 - Php

{{html_entity_decode ($post->content())}} saved the issue for me with Laravel 4.0. Now My HTML content is interpreted as it should.

Categories
Recommended Php Solutions
Recommended Laravel Solutions
Recommended Laravel 4 Solutions
Recommended Laravel Blade Solutions

Previous Solution:

How to revert theme from Darcula to default in Android Studio

AndroidAndroid StudioIntellij IdeaAndroid ThemeAndroid Ide

Next Solution:

Node.js - Get number of processors available

Linuxnode.js

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionDr.NeoView Question on Stackoverflow
Solution 1 - PhpIvan TopolcicView Answer on Stackoverflow
Solution 2 - PhpsanjayView Answer on Stackoverflow
Solution 3 - PhpMehmet Sefa BalıkView Answer on Stackoverflow
Solution 4 - PhpAvinash KumarView Answer on Stackoverflow
Solution 5 - PhpMarcin NabiałekView Answer on Stackoverflow
Solution 6 - PhpemiView Answer on Stackoverflow