Laravel Escaping All HTML in Blade Template

Escaping raw html in blade template files

The syntax is without the space. Removing your leading space will solve your issue.

{!! $jobs[0]->content !!}

https://laravel.com/docs/8.x/blade#displaying-unescaped-data

Render Laravel blade template as string without escaped chars and line breaks?

If you want it to be html, use method toHtml()

view('holiday.diagram')->toHtml();

Including HTML in Blade

The {{ $var }} syntax is only for use in Blade files.

In your controller, you should be using standard PHP concatenation:

$msg = 'You .... to <a href="'. action('UserController@viewStore', $drug->drugStore->id) . '">' . $drug->drugStore->name . '</a>';
//                                                                                            ^^^^                      ^^^^

Escaping all html in a blade

One possible solution that I can think of:

$emailBlade = CentreEmailTemplate::where('centre_id', $tenant->centre_id)->where('email_template_type_id', 2)->get()[0]->html_template; //getting html content

$variables = ['{{$mgrName}}' , '{{$fileUrl}}']; //lets say you have two variables
$values = [$tenant->name , $fileUrl];

$email = str_replace($variables , $values , $emailBlade); //now variables are replaced with their values.

Then, in your 'emails.Login.LoginDynami' blade file:

{!! $email !!}

I think what mentioned above is best solution. However as you mentioned that you are already tried this. I can suggest another solution:

Another possible solution is the use of eval(). eval() will evaluate the string as PHP. To use eval() you should first compile the blade string to PHP. which means the {{$variable}} should become something like <?php echo $variable ?>. to do that you can use Blade::compileString($emailBlade). Then you use eval.

However you should be careful about eval. Because you are allowing arbitrary PHP code execution. Therefore if any of the variables are provided by user you should sanitize them.

Laravel blade not escaping HTML

you should use {{...}} for variable printing.

and {!!...!!} this for normal html. you can just write plain html without braces and it will show correctly.


Related Topics

How to Implode Array with Key and Value Without Foreach in PHP

PHP Yaml Parsers

Save Array in MySQL Database

Send Xml Data to Webservice Using PHP Curl

Setting a PHP Script as a Windows Service

Simple PHP Form: Attachment to Email (Code Golf)

Pdo Try-Catch Usage in Functions

Laravel Nested Relationships

What's the Most Efficient Test of Whether a PHP String Ends with Another String

How to Cache in Symfony 2

PHP - Parsing a Txt File

Laravel Migration Table Already Exists, But I Want to Add New Not the Older

Make Switch Use === Comparison Not == Comparison in PHP

Org.JSON.JSONexception: Value <Br of Type Java.Lang.String Cannot Be Converted to JSONobject

Detecting Ajax in PHP and Making Sure Request Was from My Own Website

Warning: Require_Once(): Http:// Wrapper Is Disabled in the Server Configuration by Allow_Url_Include=0

Resetting MySQL Root Password with Xampp on Localhost

How to Change PHP Version Used by Composer


Leave a reply



Submit