We are moving our forum in GitHub Discussions. For questions about Phalcon v3/v4 you can visit here and for Phalcon v5 here.

About escaping strings when creating

Is a way to cancel the automatic escaping of strings? (for example, I want the users to be available to put Él hizo mucho daño; I put it in spanish to see what I'm asking for, É and ñ).

I do a validation before I insert nothing, so the security is not a problem (I think).

(EDIT: I mean when creating a new record in the db)


Not sure that understand you. You ask about escaping, what you get on output?


When I enter Él hizo mucho daño, the chars described in the first post are automatically escaped before inserting them on the DB (so they show up in the DB record with symbols like é).


How you use it?

$filter = new \Phalcon\Filter();
$filter->sanitize("Él hizo mucho daño", "string");

return Él hizo mucho daño. Maybe db escaping string? You try insert string in console mode?


Yeah, in console I update the DB putting that chars and shows perfectly. The problem is when creating the record in the controller.

Now I get a É with the sanitize() method.


Maybe trouble with character set? Try change headers.

edited Sep '14

Would you illuminate me setting the header? I'm trying to find how but I can't.

(EDIT: I did a workaround using the famous answer SET NAMES utf8, but I think that is a little inconvenient). (EDIT2: Putting that option now allows me to receive data from the DB without strange characters, so I think it's solved).


header("Content-type: text/html; charset=utf-8");


Why I would need to declare that header if i already had in the HTML <meta charset="utf-8">?

(BTW, I solved it, look up)


You one solved it.. like this and help people :)


Well, I didn't really solved it: Google and this post solved it https://forum.phalcon.io/discussion/10/mysql-utf8-encoding