Welcome to Geeklog, Anonymous Friday, November 22 2024 @ 12:14 am EST
Geeklog Forums
All HTML tags to stories.
Status: offline
Vito Karleone
Forum User
Newbie
Registered: 11/20/03
Posts: 3
Hi, my Geeklog version 1.3.8-1sr2.
My code:
* Each tag can have a list of allowed attributes (see 'a' for an example).
* Any attributes not listed will be filtered, i.e. removed.
*/
$_CONF['user_html'] = array (
'p' => array(),
'b' => array(),
'i' => array(),
'a' => array('href' => 1, 'title' => 1),
'em' => array(),
'br' => array(),
'tt' => array(),
'hr' => array(),
'li' => array(),
'ol' => array(),
'ul' => array(),
'code' => array(),
'pre' => array()
);
/* This is a list of HTML tags that Admins (site admin and story admins) can
* use in their posts. It will be merged with the above list of user-allowable
* tags ($_CONF['user_html']). You can also add tags that have already been
* listed for the user-allowed HTML, so as to allow admins to use more
* attributes (see 'p' for an example).
*/
$_CONF['admin_html'] = array (
'p' => array('class' => 1, 'id' => 1, 'align' => 1),
'align' => array('class' => 1, 'id' => 1, 'align' => 1),
'div' => array('class' => 1, 'id' => 1),
'span' => array('class' => 1, 'id' => 1),
'table' => array('class' => 1, 'id' => 1, 'width' => 1, 'border' => 1,
'cellspacing' => 1, 'cellpadding' => 1),
'tr' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1),
'th' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1),
'td' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1)
);
Show please that it is necessary to change that all codes were accessible? Big Thanks!
My code:
Text Formatted Code
/* This is a list of HTML tags that users are allowed to use in their posts.* Each tag can have a list of allowed attributes (see 'a' for an example).
* Any attributes not listed will be filtered, i.e. removed.
*/
$_CONF['user_html'] = array (
'p' => array(),
'b' => array(),
'i' => array(),
'a' => array('href' => 1, 'title' => 1),
'em' => array(),
'br' => array(),
'tt' => array(),
'hr' => array(),
'li' => array(),
'ol' => array(),
'ul' => array(),
'code' => array(),
'pre' => array()
);
/* This is a list of HTML tags that Admins (site admin and story admins) can
* use in their posts. It will be merged with the above list of user-allowable
* tags ($_CONF['user_html']). You can also add tags that have already been
* listed for the user-allowed HTML, so as to allow admins to use more
* attributes (see 'p' for an example).
*/
$_CONF['admin_html'] = array (
'p' => array('class' => 1, 'id' => 1, 'align' => 1),
'align' => array('class' => 1, 'id' => 1, 'align' => 1),
'div' => array('class' => 1, 'id' => 1),
'span' => array('class' => 1, 'id' => 1),
'table' => array('class' => 1, 'id' => 1, 'width' => 1, 'border' => 1,
'cellspacing' => 1, 'cellpadding' => 1),
'tr' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1),
'th' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1),
'td' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1)
);
Show please that it is necessary to change that all codes were accessible? Big Thanks!
12
11
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by Vito Karleone: Show please that it is necessary to change that all codes were accessible?
You don't want that, believe me.
It should be obvious how to add more tags to that list (just copy one of the existing lines and replace the HTML tag with the one you want). You need to be careful with what you allow, though, as that may make your site vulnerable to cross site scripting attacks and other nasty things.
bye, Dirk
10
19
Quote
All times are EST. The time is now 12:14 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content