How to call a variable within {!! !!} in Laravel 5.1? - php

I have this:
<title>{!!Config::get('lang_en.title')!!}</title>
I want to do somethnig like this:
<title>{!!Config::get('lang_{{$language}}.title')!!}</title>
Is it possible ?

try this
{!!Config::get('lang_' . $language . '.title')!!}
by removing curly brackets and append the value as a string

I think the general thing you need to understand is that anything inside {!! !!} is normal PHP, not Blade templating.
So you would concatenate variables the same way you would in PHP, as your accepted answer shows:
'lang_' . $language . '.title'
Basically {!! X !!} gets converted to <?php echo X ; ?>
And {{ X }} gets converted to <?php echo htmlentities( X ); ?>
{{ }} is safer and should always be used if the string contains user input. {!! !!} should be used if the string contains HTML. What if it's a mix of both?
Then you should use {!! !!} so that the HTML works, but wrap the user input with the e() function, e.g.
// In the controller
$string = '<span>' . e($username) . '</span>';
// In the view
{!! $string !!}
e() is just Laravel shorthand for htmlentities().

Related

How to show bullets and numbering [duplicate]

I have a string returned to one of my views, like this:
$text = '<p><strong>Lorem</strong> ipsum dolor <img src="images/test.jpg"></p>'
I'm trying to display it with Blade:
{{$text}}
However, the output is a raw string instead of rendered HTML. How do I display HTML with Blade in Laravel?
PS. PHP echo() displays the HTML correctly.
You need to use
{!! $text !!}
The string will auto escape when using {{ $text }}.
For laravel 5
{!!html_entity_decode($text)!!}
Figured out through this link, see RachidLaasri answer
You can try this:
{!! $text !!}
You should have a look at: http://laravel.com/docs/5.0/upgrade#upgrade-5.0
Please use
{!! $test !!}
Only in case of HTML while if you want to render data, sting etc. use
{{ $test }}
This is because when your blade file is compiled
{{ $test }} is converted to <?php echo e($test) ?>
while
{!! $test !!} is converted to <?php echo $test ?>
There is another way. If object purpose is to render html you can implement \Illuminate\Contracts\Support\Htmlable contract that has toHtml() method.
Then you can render that object from blade like this: {{ $someObject }} (note, no need for {!! !!} syntax).
Also if you want to return html property and you know it will be html, use \Illuminate\Support\HtmlString class like this:
public function getProductDescription()
{
return new HtmlString($this->description);
}
and then use it like {{ $product->getProductDescription() }}.
Of course be responsible when directly rendering raw html on page.
When your data contains HTML tags then use
{!! $text !!}
When your data doesn't contain HTML tags then use
{{ $text }}
Try this. It worked for me.
{{ html_entity_decode($text) }}
In Laravel Blade template, {{ }} wil escape html. If you want to display html from controller in view, decode html from string.
You can do that using three ways first use if condition like below
{!! $text !!}
The is Second way
<td class="nowrap">
#if( $order->status == '0' )
<button class="btn btn-danger">Inactive</button>
#else
<button class="btn btn-success">Active</button>
#endif
</td>
The third and proper way for use ternary operator on blade
<td class="nowrap">
{!! $order->status=='0' ?
'<button class="btn btn-danger">Inactive</button> :
'<button class="btn btn-success">Active</button> !!}
</td>
I hope the third way is perfect for used ternary operator on blade.
you can do with many ways in laravel 5..
{!! $text !!}
{!! html_entity_decode($text) !!}
Use {!! $text !!}to display data without escaping it. Just be sure that you don’t do this with data that came from the user and has not been cleaned.
To add further explanation, code inside Blade {{ }} statements are automatically passed through the htmlspecialchars() function that php provides. This function takes in a string and will find all reserved characters that HTML uses. Reserved characters are & < > and ". It will then replace these reserved characters with their HTML entity variant. Which are the following:
|---------------------|------------------|
| Character | Entity |
|---------------------|------------------|
| & | & |
|---------------------|------------------|
| < | < |
|---------------------|------------------|
| > | > |
|---------------------|------------------|
| " | " |
|---------------------|------------------|
For example, assume we have the following php statement:
$hello = "<b>Hello</b>";
Passed into blade as {{ $hello }} would yield the literal string you passed:
<b>Hello</b>
Under the hood, it would actually echo as <b>Hello<b&gt
If we wanted to bypass this and actually render it as a bold tag, we escape the htmlspecialchars() function by adding the escape syntax blade provides:
{!! $hello !!}
Note that we only use one curly brace.
The output of the above would yield:
Hello
We could also utilise another handy function that php provides, which is the html_entity_decode() function. This will convert HTML entities to their respected HTML characters. Think of it as the reverse of htmlspecialchars()
For example say we have the following php statement:
$hello = "<b> Hello <b>";
We could now add this function to our escaped blade statement:
{!! html_entity_decode($hello) !!}
This will take the HTML entity < and parse it as HTML code <, not just a string.
The same will apply with the greater than entity >
which would yield
Hello
The whole point of escaping in the first place is to avoid XSS attacks. So be very careful when using escape syntax, especially if users in your application are providing the HTML themselves, they could inject their own code as they please.
This works fine for Laravel 5.6
<?php echo "$text"; ?>
In a different way
{!! $text !!}
It will not render HTML code and print as a string.
For more details open link:- Display HTML with Blade
By default, Blade {{ }} statements are automatically sent through PHP's htmlspecialchars function to prevent XSS attacks. If you do not want your data to be escaped, you may use the following syntax:
According to the doc, you must do the following to render your html in your Blade files:
{!! $text !!}
Be very careful when echoing content that is supplied by users of your application. You should typically use the escaped, double curly brace syntax to prevent XSS attacks when displaying user supplied data.
If you want to escape the data use
{{ $html }}
If don't want to escape the data use
{!! $html !!}
But till Laravel-4 you can use
{{ HTML::link('/auth/logout', 'Sign Out', array('class' => 'btn btn-default btn-flat')) }}
When comes to Laravel-5
{!! HTML::link('/auth/logout', 'Sign Out', array('class' => 'btn btn-default btn-flat')) !!}
You can also do this with the PHP function
{{ html_entity_decode($data) }}
go through the PHP document for the parameters of this function
html_entity_decode - php.net
Try this, It's worked:
#php
echo $text;
#endphp
For who using tinymce and markup within textarea:
{{ htmlspecialchars($text) }}
On controller.
$your_variable = '';
$your_variable .= '<p>Hello world</p>';
return view('viewname')->with('your_variable', $your_variable)
If you do not want your data to be escaped, you may use the following syntax:
{!! $your_variable !!}
Output
Hello world
{!! !!} is not safe.
Read here: https://laravel.com/docs/5.6/blade#displaying-data
You can try:
#php
echo $variable;
#endphp
If you use the Bootstrap Collapse class sometimes {!! $text !!}
is not worked for me but {{ html_entity_decode($text) }} is worked for me.
I have been there and it was my fault. And very stupid one.
if you forget .blade extension in the file name, that file doesn't understand blade but runs php code. You should use
/resources/views/filename.blade.php
instead of
/resources/views/filename.php
hope this helps some one

How can display space in view blade laravel 5.3?

My records in db is like this :
I want to display with space
I try like this :
{{ nl2br($text) }}
and
{{ nl2br(e($text)) }}
It does not work
How can I solve it?
have you tried using {!! " " !!} here you can use HTML entity &nbsp
you can create a helper like this
$output = nl2br(str_replace(" ", " ", $db_record));
Then your blade file
{!! $output !!};
Try this code
{!!nl2br($text)!!}
This will provide space in laravel blade template.
{{ ' ' }}
You Can use PHP bulid in funtion (&nbsp) for space

How convert a data from database to html tags? [duplicate]

I have a string returned to one of my views, like this:
$text = '<p><strong>Lorem</strong> ipsum dolor <img src="images/test.jpg"></p>'
I'm trying to display it with Blade:
{{$text}}
However, the output is a raw string instead of rendered HTML. How do I display HTML with Blade in Laravel?
PS. PHP echo() displays the HTML correctly.
You need to use
{!! $text !!}
The string will auto escape when using {{ $text }}.
For laravel 5
{!!html_entity_decode($text)!!}
Figured out through this link, see RachidLaasri answer
You can try this:
{!! $text !!}
You should have a look at: http://laravel.com/docs/5.0/upgrade#upgrade-5.0
Please use
{!! $test !!}
Only in case of HTML while if you want to render data, sting etc. use
{{ $test }}
This is because when your blade file is compiled
{{ $test }} is converted to <?php echo e($test) ?>
while
{!! $test !!} is converted to <?php echo $test ?>
There is another way. If object purpose is to render html you can implement \Illuminate\Contracts\Support\Htmlable contract that has toHtml() method.
Then you can render that object from blade like this: {{ $someObject }} (note, no need for {!! !!} syntax).
Also if you want to return html property and you know it will be html, use \Illuminate\Support\HtmlString class like this:
public function getProductDescription()
{
return new HtmlString($this->description);
}
and then use it like {{ $product->getProductDescription() }}.
Of course be responsible when directly rendering raw html on page.
When your data contains HTML tags then use
{!! $text !!}
When your data doesn't contain HTML tags then use
{{ $text }}
Try this. It worked for me.
{{ html_entity_decode($text) }}
In Laravel Blade template, {{ }} wil escape html. If you want to display html from controller in view, decode html from string.
You can do that using three ways first use if condition like below
{!! $text !!}
The is Second way
<td class="nowrap">
#if( $order->status == '0' )
<button class="btn btn-danger">Inactive</button>
#else
<button class="btn btn-success">Active</button>
#endif
</td>
The third and proper way for use ternary operator on blade
<td class="nowrap">
{!! $order->status=='0' ?
'<button class="btn btn-danger">Inactive</button> :
'<button class="btn btn-success">Active</button> !!}
</td>
I hope the third way is perfect for used ternary operator on blade.
you can do with many ways in laravel 5..
{!! $text !!}
{!! html_entity_decode($text) !!}
Use {!! $text !!}to display data without escaping it. Just be sure that you don’t do this with data that came from the user and has not been cleaned.
To add further explanation, code inside Blade {{ }} statements are automatically passed through the htmlspecialchars() function that php provides. This function takes in a string and will find all reserved characters that HTML uses. Reserved characters are & < > and ". It will then replace these reserved characters with their HTML entity variant. Which are the following:
|---------------------|------------------|
| Character | Entity |
|---------------------|------------------|
| & | & |
|---------------------|------------------|
| < | < |
|---------------------|------------------|
| > | > |
|---------------------|------------------|
| " | " |
|---------------------|------------------|
For example, assume we have the following php statement:
$hello = "<b>Hello</b>";
Passed into blade as {{ $hello }} would yield the literal string you passed:
<b>Hello</b>
Under the hood, it would actually echo as <b>Hello<b&gt
If we wanted to bypass this and actually render it as a bold tag, we escape the htmlspecialchars() function by adding the escape syntax blade provides:
{!! $hello !!}
Note that we only use one curly brace.
The output of the above would yield:
Hello
We could also utilise another handy function that php provides, which is the html_entity_decode() function. This will convert HTML entities to their respected HTML characters. Think of it as the reverse of htmlspecialchars()
For example say we have the following php statement:
$hello = "<b> Hello <b>";
We could now add this function to our escaped blade statement:
{!! html_entity_decode($hello) !!}
This will take the HTML entity < and parse it as HTML code <, not just a string.
The same will apply with the greater than entity >
which would yield
Hello
The whole point of escaping in the first place is to avoid XSS attacks. So be very careful when using escape syntax, especially if users in your application are providing the HTML themselves, they could inject their own code as they please.
This works fine for Laravel 5.6
<?php echo "$text"; ?>
In a different way
{!! $text !!}
It will not render HTML code and print as a string.
For more details open link:- Display HTML with Blade
By default, Blade {{ }} statements are automatically sent through PHP's htmlspecialchars function to prevent XSS attacks. If you do not want your data to be escaped, you may use the following syntax:
According to the doc, you must do the following to render your html in your Blade files:
{!! $text !!}
Be very careful when echoing content that is supplied by users of your application. You should typically use the escaped, double curly brace syntax to prevent XSS attacks when displaying user supplied data.
If you want to escape the data use
{{ $html }}
If don't want to escape the data use
{!! $html !!}
But till Laravel-4 you can use
{{ HTML::link('/auth/logout', 'Sign Out', array('class' => 'btn btn-default btn-flat')) }}
When comes to Laravel-5
{!! HTML::link('/auth/logout', 'Sign Out', array('class' => 'btn btn-default btn-flat')) !!}
You can also do this with the PHP function
{{ html_entity_decode($data) }}
go through the PHP document for the parameters of this function
html_entity_decode - php.net
Try this, It's worked:
#php
echo $text;
#endphp
For who using tinymce and markup within textarea:
{{ htmlspecialchars($text) }}
On controller.
$your_variable = '';
$your_variable .= '<p>Hello world</p>';
return view('viewname')->with('your_variable', $your_variable)
If you do not want your data to be escaped, you may use the following syntax:
{!! $your_variable !!}
Output
Hello world
{!! !!} is not safe.
Read here: https://laravel.com/docs/5.6/blade#displaying-data
You can try:
#php
echo $variable;
#endphp
If you use the Bootstrap Collapse class sometimes {!! $text !!}
is not worked for me but {{ html_entity_decode($text) }} is worked for me.
I have been there and it was my fault. And very stupid one.
if you forget .blade extension in the file name, that file doesn't understand blade but runs php code. You should use
/resources/views/filename.blade.php
instead of
/resources/views/filename.php
hope this helps some one

Laravel form echo variable

i am still learning how to work with laravel.
Now i have learned how to make a form in laravel. But i have some trouble to echo a variable.
What i want to do is: i want to echo a variable as the value of an input-field if this variable exists, otherwise it should echo nothing.
so my form line looks like this
{{Form::text(
'league_name',
'#if(isset($varialble) {{$variable}} #else {{$nothing}} #endif)'
)}}
How can i echo a variable in a form?
i am using blade btw.
This is the right way to do it:
{!! Form::text('league_name', isset($varialble) ? $variable : '') !!}
If you're using PHP7, you can do this:
{!! Form::text('league_name', $varialble) ?? '') !!}
Update
To add placeholder, pass it in an array as third parameter. Also, you usually want to pass a class:
{!! Form::text('league_name', isset($varialble) ? $variable : '', ['placeholder' => 'My placeholder', 'class' => 'form-control']) !!}
Try This. Here You can use null instead of $nothing and $variable is your variable
{{Form::text('league_name',$varialble ? $variable : $nothing)')}}
In Laravel use can use normal PHP code also
{!! Form::text('league_name', !empty($varialble) ? $variable : '') !!}
here you can use {!! data/variables !!} or {{ data/variables }}
above will resolve your problem.

Displaying HTML with Blade shows the HTML code

I have a string returned to one of my views, like this:
$text = '<p><strong>Lorem</strong> ipsum dolor <img src="images/test.jpg"></p>'
I'm trying to display it with Blade:
{{$text}}
However, the output is a raw string instead of rendered HTML. How do I display HTML with Blade in Laravel?
PS. PHP echo() displays the HTML correctly.
You need to use
{!! $text !!}
The string will auto escape when using {{ $text }}.
For laravel 5
{!!html_entity_decode($text)!!}
Figured out through this link, see RachidLaasri answer
You can try this:
{!! $text !!}
You should have a look at: http://laravel.com/docs/5.0/upgrade#upgrade-5.0
Please use
{!! $test !!}
Only in case of HTML while if you want to render data, sting etc. use
{{ $test }}
This is because when your blade file is compiled
{{ $test }} is converted to <?php echo e($test) ?>
while
{!! $test !!} is converted to <?php echo $test ?>
There is another way. If object purpose is to render html you can implement \Illuminate\Contracts\Support\Htmlable contract that has toHtml() method.
Then you can render that object from blade like this: {{ $someObject }} (note, no need for {!! !!} syntax).
Also if you want to return html property and you know it will be html, use \Illuminate\Support\HtmlString class like this:
public function getProductDescription()
{
return new HtmlString($this->description);
}
and then use it like {{ $product->getProductDescription() }}.
Of course be responsible when directly rendering raw html on page.
When your data contains HTML tags then use
{!! $text !!}
When your data doesn't contain HTML tags then use
{{ $text }}
Try this. It worked for me.
{{ html_entity_decode($text) }}
In Laravel Blade template, {{ }} wil escape html. If you want to display html from controller in view, decode html from string.
You can do that using three ways first use if condition like below
{!! $text !!}
The is Second way
<td class="nowrap">
#if( $order->status == '0' )
<button class="btn btn-danger">Inactive</button>
#else
<button class="btn btn-success">Active</button>
#endif
</td>
The third and proper way for use ternary operator on blade
<td class="nowrap">
{!! $order->status=='0' ?
'<button class="btn btn-danger">Inactive</button> :
'<button class="btn btn-success">Active</button> !!}
</td>
I hope the third way is perfect for used ternary operator on blade.
you can do with many ways in laravel 5..
{!! $text !!}
{!! html_entity_decode($text) !!}
To add further explanation, code inside Blade {{ }} statements are automatically passed through the htmlspecialchars() function that php provides. This function takes in a string and will find all reserved characters that HTML uses. Reserved characters are & < > and ". It will then replace these reserved characters with their HTML entity variant. Which are the following:
|---------------------|------------------|
| Character | Entity |
|---------------------|------------------|
| & | & |
|---------------------|------------------|
| < | < |
|---------------------|------------------|
| > | > |
|---------------------|------------------|
| " | " |
|---------------------|------------------|
For example, assume we have the following php statement:
$hello = "<b>Hello</b>";
Passed into blade as {{ $hello }} would yield the literal string you passed:
<b>Hello</b>
Under the hood, it would actually echo as <b>Hello<b&gt
If we wanted to bypass this and actually render it as a bold tag, we escape the htmlspecialchars() function by adding the escape syntax blade provides:
{!! $hello !!}
Note that we only use one curly brace.
The output of the above would yield:
Hello
We could also utilise another handy function that php provides, which is the html_entity_decode() function. This will convert HTML entities to their respected HTML characters. Think of it as the reverse of htmlspecialchars()
For example say we have the following php statement:
$hello = "<b> Hello <b>";
We could now add this function to our escaped blade statement:
{!! html_entity_decode($hello) !!}
This will take the HTML entity < and parse it as HTML code <, not just a string.
The same will apply with the greater than entity >
which would yield
Hello
The whole point of escaping in the first place is to avoid XSS attacks. So be very careful when using escape syntax, especially if users in your application are providing the HTML themselves, they could inject their own code as they please.
Use {!! $text !!}to display data without escaping it. Just be sure that you don’t do this with data that came from the user and has not been cleaned.
By default, Blade {{ }} statements are automatically sent through PHP's htmlspecialchars function to prevent XSS attacks. If you do not want your data to be escaped, you may use the following syntax:
According to the doc, you must do the following to render your html in your Blade files:
{!! $text !!}
Be very careful when echoing content that is supplied by users of your application. You should typically use the escaped, double curly brace syntax to prevent XSS attacks when displaying user supplied data.
This works fine for Laravel 5.6
<?php echo "$text"; ?>
In a different way
{!! $text !!}
It will not render HTML code and print as a string.
For more details open link:- Display HTML with Blade
If you want to escape the data use
{{ $html }}
If don't want to escape the data use
{!! $html !!}
But till Laravel-4 you can use
{{ HTML::link('/auth/logout', 'Sign Out', array('class' => 'btn btn-default btn-flat')) }}
When comes to Laravel-5
{!! HTML::link('/auth/logout', 'Sign Out', array('class' => 'btn btn-default btn-flat')) !!}
You can also do this with the PHP function
{{ html_entity_decode($data) }}
go through the PHP document for the parameters of this function
html_entity_decode - php.net
Try this, It's worked:
#php
echo $text;
#endphp
For who using tinymce and markup within textarea:
{{ htmlspecialchars($text) }}
On controller.
$your_variable = '';
$your_variable .= '<p>Hello world</p>';
return view('viewname')->with('your_variable', $your_variable)
If you do not want your data to be escaped, you may use the following syntax:
{!! $your_variable !!}
Output
Hello world
{!! !!} is not safe.
Read here: https://laravel.com/docs/5.6/blade#displaying-data
You can try:
#php
echo $variable;
#endphp
If you use the Bootstrap Collapse class sometimes {!! $text !!}
is not worked for me but {{ html_entity_decode($text) }} is worked for me.
I have been there and it was my fault. And very stupid one.
if you forget .blade extension in the file name, that file doesn't understand blade but runs php code. You should use
/resources/views/filename.blade.php
instead of
/resources/views/filename.php
hope this helps some one

Categories