Store HTML Code in database and retrieve it, escaping &lt; as < ...

Hi everybody.
 
    I am saving the contents of a textarea in a database. this textarea contains HTML tags.
 
    I pass the data using the POST Method using the function encodeURIComponent(). It is stored normally as %-escaped characters, but when I get the data again from the database, tags like <strong>SOMETHING</strong> becomes &lt;strong&gt;SOMETHING&lt;/strong&gt;
 
    What can I do to show the data as it was typed?
 
Thanks,
 
Thiago.
icefingesAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
rrzConnect With a Mentor Commented:
First of all, I hope you know about security concerns such as  
http://en.wikipedia.org/wiki/Cross-site_scripting 
and
http://en.wikipedia.org/wiki/SQL_injection

Anyway, if you used encodeURIComponent() at some point, then later at some point you must use decodeURIComponent().  But, maybe you should be doing all this at the server. Are you sending the request to a Servlet ?
0
 
icefingesAuthor Commented:
I am concerned but it is part of a small CMS, therefore only authorized and responsible people should have access to it. Thanks for the advice.
 
In fact I was decoding it at the server-side, with URLDecode, but it was rising lots of problems so you have lead me to the solution. Now I encode and decode at the client-side.
 
Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.