Welcome to Geeklog, Anonymous Monday, December 23 2024 @ 11:47 am EST
Geeklog Forums
GL1.3.9 Stripping HTML Code
Anonymous Coward
Anonymous
I have read the threads on 1.3.8 but I still don't understand what is missing in this config.php file to enable <"b"><"h1"><"h2">, etc
// Parameters for checking HTML tags
// *** Warning: Adding the following tags to the list of allowable HTML can
// *** make your site vulnerable to scripting attacks!
// *** Use with care: <img> <span> <marquee> <script> <embed> <object> <iframe>
/* This is a list of HTML tags that users are allowed to use in their posts.
* Each tag can have a list of allowed attributes (see 'a' for an example).
* Any attributes not listed will be filtered, i.e. removed.
*/
$_CONF['user_html'] = array (
'p' => array(),
'b' => array(),
'i' => array(),
'a' => array('href' => 1, 'title' => 1),
'em' => array(),
'br' => array(),
'tt' => array(),
'hr' => array(),
'li' => array(),
'ol' => array(),
'ul' => array(),
'code' => array(),
'pre' => array()
);
/* This is a list of HTML tags that Admins (site admin and story admins) can
* use in their posts. It will be merged with the above list of user-allowable
* tags ($_CONF['user_html']). You can also add tags that have already been
* listed for the user-allowed HTML, so as to allow admins to use more
* attributes (see 'p' for an example).
*/
$_CONF['admin_html'] = array (
'p' => array('class' => 1, 'id' => 1, 'align' => 1),
'div' => array('class' => 1, 'id' => 1),
'span' => array('class' => 1, 'id' => 1),
'table' => array('class' => 1, 'id' => 1, 'width' => 1, 'border' => 1,
'cellspacing' => 1, 'cellpadding' => 1),
'tr' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1),
'th' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1),
'td' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1)
);
// Parameters for checking HTML tags
// *** Warning: Adding the following tags to the list of allowable HTML can
// *** make your site vulnerable to scripting attacks!
// *** Use with care: <img> <span> <marquee> <script> <embed> <object> <iframe>
/* This is a list of HTML tags that users are allowed to use in their posts.
* Each tag can have a list of allowed attributes (see 'a' for an example).
* Any attributes not listed will be filtered, i.e. removed.
*/
$_CONF['user_html'] = array (
'p' => array(),
'b' => array(),
'i' => array(),
'a' => array('href' => 1, 'title' => 1),
'em' => array(),
'br' => array(),
'tt' => array(),
'hr' => array(),
'li' => array(),
'ol' => array(),
'ul' => array(),
'code' => array(),
'pre' => array()
);
/* This is a list of HTML tags that Admins (site admin and story admins) can
* use in their posts. It will be merged with the above list of user-allowable
* tags ($_CONF['user_html']). You can also add tags that have already been
* listed for the user-allowed HTML, so as to allow admins to use more
* attributes (see 'p' for an example).
*/
$_CONF['admin_html'] = array (
'p' => array('class' => 1, 'id' => 1, 'align' => 1),
'div' => array('class' => 1, 'id' => 1),
'span' => array('class' => 1, 'id' => 1),
'table' => array('class' => 1, 'id' => 1, 'width' => 1, 'border' => 1,
'cellspacing' => 1, 'cellpadding' => 1),
'tr' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1),
'th' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1),
'td' => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
'colspan' => 1, 'rowspan' => 1)
);
10
12
Quote
Anonymous Coward
Anonymous
Quote by Dirk: Try the FAQ.
Well, I got it to take the "h3" tag in Geeklog but it still strips it in embedded gallery. I know, I know I'll pop over to the the G folks and ask the question but I thought the stripping within G was due to GL. Thanks for the help Dirk, your patience with newbies is appreciated!
13
16
Quote
All times are EST. The time is now 11:47 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content