I am using TinyMCE for my PHP/CodeIgniter CMS back-end input. However when I use a text color, some of codes are not saved and does not show the correct color.
How can I solve this problem?
Thanks in advance.
<span style="color: #ff00ff;">Some text</span>
becomes
<span #ff00ff;">Some text</span>
in database
Some codes are here.
In my controller.
function _fields() { $data = array( .... 'content' => $_POST['content'], .... ); return $data; } function create() { // We need TinyMCE, so load it $this->bep_assets->load_asset_group('TINYMCE'); ... if ($this->input->post('name')) { $data = $this->_fields(); $this->MKaimonokago->addItem($this->module,$data); ...
And in my model.
function addItem($module,$data,$return_id=FALSE) { $module_table = 'omc_'.$module; ... $this->db->insert($module_table, $data); ... }
Advertisement
Answer
With CodeIgniter, if you have the XSS filter enabled globally (set in your config.php
) you will find that HTML inline style text is removed from all form inputs.
To get around this you can disable global XSS filtering and filter your TinyMCE form inputs manually with something like HTML Purifier, which gives you a lot more control over the elements and attributes which you would like to allow.
For the rest of your form inputs you can still run them through CodeIgniter’s XSS filter – you’ll just have to do it manually, like so:
$this->form_validation->set_rules('form_item_name', 'Field Name', 'required|xss_clean|strip_tags|trim');