Coldfusion tags within query output

Question

I have a simple query to a SQL database that returns a record set. Within the record set is a field that contains HTML and CFML. When I display the content it reads the CF tags literally. Is there any way to get the CF tags to be processed when it is returned in the query output? See example below. ------------------ CODE ON PAGE ------------------------------- select ID, HTMLFIELD from TABLENAME where ID = '1' #getdata.HTMLFIELD# -----------------------VALUE OF "HTMLFIELD" VARIABLE--------------------------------

Today is #variables.todaysdate#

------------------------WHAT IS DISPLAYED IN THE BROWSER---------------- Today is #variables.todaysdate# -----------------------WHAT should BE DISPLAYED IN THE BROWSER------------ Today is 06/14/2006

Abram Adams · Answer

Pete is right, very risky.I've done a similar feature for a site I wrote that allowedusers to edit pages on the fly, only I pre-selected functions thatcould be used and created wrappers for them. Then the users wouldinsert something like $now()$ in the WYSIWYG. Then when the pagewas requested I would pass the data containing HTML and psuedo-CFMLthrough parse routine which would render the end results in acontrolled manner.I would really recommend this route as you will have muchmore controll over the types of scripts that can be run. It is alsoeasy to make buttons that insert the code for them.HTH

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded