Gopalakrishnan Gopalakrishnan - 2 months ago 6
Ajax Question

pass HTML tags with style attributes from Javascript to PHP

I'm using CKeditor and one file input element. And i'm passing its in Jquery Ajax with FormData.. Here is my Jquery function.

function sample(){
var cmtWRITE=CKEDITOR.instances['cmtWRITE'].getData();
var vpb_files = document.getElementById('vpb-data-file').files;
var vpb_data = new FormData();

$.each(storedFiles, function(keys, values)
{
vpb_data.append(keys, values);
});
vpb_data.append('cmtWRITE', cmtWRITE);
console.log(cmtWRITE); // here just for confirmation
for (var pair of vpb_data.entries()) {
console.log("### "+pair[0]+ ', ' + pair[1]); // here just for confirmation
}
$.ajax({
url: base_url+'aaa/xxxx',
type: 'POST',
data: vpb_data,
cache: false,
processData: false,
contentType: false,
dataType : 'html',
beforeSend: function()
{
//doing some process
},
success: function(response)
{
//doing response
},
error:
function(e){
console.log('Error while request..'+JSON.stringify(e));
}
});
}


In php function getting value by

$txt=$this->input->post("cmtWRITE");


when I echo $txt or directly $this->input->post("cmtWRITE"), it print as:

<p>Okay<em> </em><span [removed]>Noted</span></p>


but in console actual value is

<p>Okay<em> </em><span style='color:#ff0000'>Noted</span></p>


Here i added font color through CK editor. But in PHP side getting [removed], that makes not added styles to fonts.
here my ckeditor Init

CKEDITOR.replace( "cmtWRITE", {
// Define the toolbar groups as it is a more accessible solution.
toolbarGroups: [
{"name":"basicstyles","groups":["basicstyles"]},
{"name":"links","groups":["links"]},
{"name":"paragraph","groups":["list","blocks"]},
{"name":"insert","groups":["smiley"]},
{"name":"styles","groups":["TextColor"]},
{"name":"colors","groups":["TextColor"]}
],
// Remove the redundant buttons from toolbar groups defined above.
removeButtons: 'Strike,Subscript,Superscript,Anchor,Specialchar,Image,Source,About,Flash,Table,SpecialChar,Iframe,HorizontalRule,PageBreak',
height:'100px'
//removePlugins: 'clipboard',
});


Thanks in advance. please help me out of this

Answer

CodeIgniter preprocesses (sanitizes) input. I'm guessing the $xss_clean parameter of CI_Input.post is stripping attributes. Try

$txt=$this->input->post("cmtWRITE", FALSE);
Comments