Disabling XSS, Maybe

Disabling XSS, Maybe

daduffydaduffy Posts: 31Questions: 5Answers: 1

I have tried the followed a number of posts and tried to get my Japanese characters to save, but to no avail.

I have a normal DB for a Karate Dojo and they want to store the Japanese name for the given registrant.

I tried using the following code, but it isn't saving in the DB. When I check the JS console, I see that the proper Japanese characters are getting passed to the PHP page, but something is getting changed. When I manually inject the characters into the DB, they display properly in the Datatable, so I am sure there is a problem with my code.

    $out = Editor::inst( $db, 'table', 'id' )
     ->fields(
        Field::inst( 'id' )->set( false ),
        Field::inst( 'lastname' ),
        Field::inst( 'firstname' ),
        Field::inst( 'japenesename' )->Xss( false ),
....

I am able to save everything else just fine, and have been using Datatables Editor for years and absolutely love it, this is the first time I have had a problem that I cannot figure out.

Thank you in advance for your help!

Dave

This question has an accepted answers - jump to answer

Answers

  • allanallan Posts: 61,431Questions: 1Answers: 10,048 Site admin
    Answer ✓

    This is more likely to be a utf8 character encoding issue than XSS I think. Does setting the XSS to false "fix" it? If not, then its a character encoding issue.

    Try:

    $db->sql( 'set names utf8' );
    

    just before your PHP Editor initialisation there.

    Allan

  • daduffydaduffy Posts: 31Questions: 5Answers: 1

    Perfect, that did it!
    Thanks, Allan.

    Dave

This discussion has been closed.