I am trying to create a blog o django where the admin posts blogs from the admin site.
I have given a TextField for the content and now want to give a new line.
I have tried using \n but it doesn't help. The output on the main html page is still the same with \n printing in it. I have also tried the tag and allowed tags=True in my models file. Still the same. All the tags are coming as it is on the html page.
My Django admin form submitted:
The result displayed in my public template:
You should use the template filter linebreaks, that will convert the reals \n (that means the newline in the textarea, not the ones you typed using \ then n) into <br />:
{{ post.content|linebreaks }}
Alternatively, you can use linebreaksbr if you don't want to have the surrounding <p> block of course.
After searching the internet and trying different Django Template Filters, I came across one specific filter, SAFE.
For me, LINEBREAKS filter didn't work, as provided by #Maxime above, but safe did.
Use it like this in your html template file.
{{post.content|safe}}
To have a better understanding of SAFE filter, i suggest reading the documentation.
{{post.content|linebreaks}}
This will make the line in the textbox appear as it is without using \n or \.
{{post.content|linebreaksbr}}
Besides the newline function in your CSS Declaration will work too.
Related
I am using django's forms class along with it's cleaned_data method to get user posts/comments. The problem is that the newlines are not preserved in the cleaned_data field so
The firs line of comment.
And the second lines.
Ends up being
The firs line of comment. And the second lines.
Which is not good.
How to avoid this without using a WYSIWYG editor?
If you're referring to the output of the value held in the field, you just need to use the linebreaks or linebreaksbr filter: https://docs.djangoproject.com/en/1.7/ref/templates/builtins/#linebreaks
{{ instance.field|linebreaks }}
or
{{ instance.field|linebreaksbr }}
to get the correct formatting without having to use a wysiwyg editor.
I use this redactor for admin site django-wysiwyg-redactor
But when I enter some text, it pastes it with html tags. When discovering my source code, I noticed that html code that is responsible for my input data, is placed in quotes.
I think you have to use "safe", the built-in template filter to render the html properly in your template. Example:
{{ myTextField|safe }}
Safe in django docs
In one of my projects there was need to implement WYSIWYG-editor into django admin. I've installed http://code.google.com/p/django-tinymce/. Everything works well, but there is a problem with rendering the content made with WYSIWYG-editor. As a result, on html page returns special chars instead of normal html-tags and I see "plain" html tags with no html-layout.
Maybe the problem is in the templates? I simply output variable like {{ content }}
try {{ content|safe }}
Marks a string as not requiring
further HTML escaping prior to output.
via safe
So, I'm passing an object with a "content" property that contains html.
<div>{{ myobject.content }}</div>
I want to be able to output the content so that the characters are rendered as the html characters.
The contents of "conent" might be: <p>Hello</p>
I want this to be sent to the browser as: &lt;p&gt;Hello&lt;/p>
Is there something I can put in my template to do this automatically?
Yes, {{ myobject.content | escape }} should help (assuming you mean Django templates -- there's no specific "App Engine" templating system, GAE apps often use the Django templating system); you may need to repeat the | escape part if you want two levels of escaping (as appears to be the case in some but not all of the example you supply).
This is Django's django.utils.html.escape function:
def escape(html):
"""Returns the given HTML with ampersands, quotes and carets encoded."""
return mark_safe(force_unicode(html).replace('&', '&').replace('<', '&l
t;').replace('>', '>').replace('"', '"').replace("'", '''))
Also, see here.
My Django app has a Person table, which contains the following text in a field named details:
<script>alert('Hello');</script>
When I call PersonForm.details in my template, the page renders the script accordingly (a.k.a., an alert with the word "Hello" is displayed). I'm confused by this behavior because I always thought Django 1.0 autoescaped template content by default.
Any idea what may be going on here?
UPDATE: Here's the snippet from my template. Nothing terribly sexy:
{{ person_form.details }}
UPDATE 2: I have tried escape, force-escape, and escapejs. None of these work.
You need to mark the values as | safe I think (I'm guessing that you're filling in the value from the database here(?)):
{{ value|safe }}
Could you post a sample of the template? Might make it easier to see what's wrong
[Edit] ..or are you saying that you want it to escape the values (make them safe)? Have you tried manually escaping the field:
{{ value|escape }}
[Edit2] Maybe escapejs from the Django Project docs is relevent:
escapejs
New in Django 1.0.
Escapes characters for use in JavaScript strings. This does not make the string safe for use in HTML, but does protect you from syntax errors when using templates to generate JavaScript/JSON.
[Edit3] What about force_escape:
{{ value|force_escape }}
...and I know it's an obvious one, but you're absolutely certain you've not got any caching going on in your browser? I've tripped over that one a few times myself ;-)
Found the problem. The JSON string I'm using to render data to some Ext widgets is the culprit. Big thanks to Jon Cage. Answer accepted despite the problem being caused by another source.