On Mar 3, 3:51 pm, slenno1 <slen...@gmail.com> wrote:
> Hey everyone,
> I am currently working with a section of a site that takes user
> input using Django forms:
>
> description = forms.CharField(widget=forms.Textarea(attrs={'rows':
> '10', 'cols': '80'}))
>
> The only problem however is that this ignores any html tags that are
> added in by the user and just prints them along with the text entered
> in by the user. For example, a user may type in "The quick brown fox
> <b>jumps</b> over the lazy dog", with the word 'jumps' intended to be
> bold, but the html tags are just printed a long with the text. Is this
> because I am possibly using the wrong widget? Any feedback is greatly
> appreciated, thanks!
Hi, in your template where you have placed {{ model.description }}
Django will automatically escape the html tags you place have input.
The effect is what you are seeing now, they are displayed as text,
rather than being interpreted as html tags. You can selectively turn
this default behaviour off by marking the text as "safe"
{{ model.description|safe }}
The use of the word "safe" here implies that you are entirely sure
that the content of "description" won't contain anything that will
harm your website or your customers. The discussion about what can be
considered "safe" has been had many times and it may pay you well to
do some light reading on the matter. Many people use intermediate
markup languages that don't have the full power of html, Django itself
provides template tags that can aid in rendering them
http://docs.djangoproject.com/en/dev/ref/contrib/#markup an example of
on is here http://en.wikipedia.org/wiki/Textile_(markup_language).
Best of luck.
Jervis
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
