Welcome to Geeklog, Anonymous Saturday, November 23 2024 @ 10:43 pm EST
Geeklog Forums
img tags being stripped in the RSS feed. all html now displayed. fixed
Status: offline
nightshadow
Forum User
Newbie
Registered: 12/19/04
Posts: 8
Location:Brisbane, AU
OK, so i have upgraded my RSS feeds to 2.0 and allow image tags to be displayed in the page. When i post an article with images in it they appear fine on the webpage, but the syndicated feed has the encoding stripped when i post in HTML.
Is there anyway around this? i am guessing its something to do with the way it strips HTML tags when it saves it to the database then adds them again to display it.
Can i make it syndicate the feed before stripping the tags.. or will it work if i allow all html and have no filters ? (which i don't really want to do). and how would i do that anyway, i thinks theres a lot more than one option to turn html filtering off.
Is there anyway around this? i am guessing its something to do with the way it strips HTML tags when it saves it to the database then adds them again to display it.
Can i make it syndicate the feed before stripping the tags.. or will it work if i allow all html and have no filters ? (which i don't really want to do). and how would i do that anyway, i thinks theres a lot more than one option to turn html filtering off.
18
15
Quote
Status: offline
Chalkhillian
Forum User
Chatty
Registered: 09/23/02
Posts: 67
Line 205 in rss.feed.class.php you'll find :
Text Formatted Code
$storytext = trim (strip_tags ($text));
16
15
Quote
Status: offline
nightshadow
Forum User
Newbie
Registered: 12/19/04
Posts: 8
Location:Brisbane, AU
I noticed that line.
I am running the rss2 class.
When i remove the line above the rss feed is blank. There is another section on html special chars aswell.
shall i replace it $storytext = $text
i'll just try that anyway.
I am running the rss2 class.
When i remove the line above the rss feed is blank. There is another section on html special chars aswell.
shall i replace it $storytext = $text
i'll just try that anyway.
14
14
Quote
Status: offline
Chalkhillian
Forum User
Chatty
Registered: 09/23/02
Posts: 67
I just removed the strip_tags function, the line is required.
Text Formatted Code
$storytext = trim ($text);
13
15
Quote
Status: offline
nightshadow
Forum User
Newbie
Registered: 12/19/04
Posts: 8
Location:Brisbane, AU
thanks for your help... but one more thing if possible.
the code for rss2.feed.class.php at that part now reads.
{
$storytext = trim ($text);
$storytext = preg_replace ("/(\015)/", "", $storytext);
if ($this->_feedcontentlen > 1) {
if (strlen ($storytext) > $this->_feedcontentlen) {
$storytext = substr ($storytext, 0, $this->_feedcontentlen - 3)
. '...';
}
}
return htmlspecialchars ($storytext);
}
and on the syndicated RSS feed it now displays the code for the HTML, but does not show it as HTML, though i know it is possible for it to display html.
would removing the return htmlspecialchars help. ? That function is not mentioned in the rss2 php file, so i am guesssing its in the library.
sorry my php skills are severely lacking.
the code for rss2.feed.class.php at that part now reads.
Text Formatted Code
function _formatContent ($text){
$storytext = trim ($text);
$storytext = preg_replace ("/(\015)/", "", $storytext);
if ($this->_feedcontentlen > 1) {
if (strlen ($storytext) > $this->_feedcontentlen) {
$storytext = substr ($storytext, 0, $this->_feedcontentlen - 3)
. '...';
}
}
return htmlspecialchars ($storytext);
}
and on the syndicated RSS feed it now displays the code for the HTML, but does not show it as HTML, though i know it is possible for it to display html.
would removing the return htmlspecialchars help. ? That function is not mentioned in the rss2 php file, so i am guesssing its in the library.
sorry my php skills are severely lacking.
20
18
Quote
Status: offline
nightshadow
Forum User
Newbie
Registered: 12/19/04
Posts: 8
Location:Brisbane, AU
alrighty, sorted! it's all in the encoding.
It came down to the htmlspecialchars() call being similar to
htmlentities() and displaying the code for the character instead of the character itself.
to overcome this it now reads:
function _formatContent ($text)
{
$storytext = trim ($text);
if ($this->_feedcontentlen > 1) {
if (strlen ($storytext) > $this->_feedcontentlen) {
$storytext = substr ($storytext, 0, $this->_feedcontentlen - 3)
. '...';
}
}
return
($storytext);
}
and additionally i removed the .htmlspecialchars call between the tag in the rss.feed.class.php (rss1.0 i did it with, haven't done 2.0 yet, should be exact same).
This then opens a security flaw in a way, but if you have HTML tags allowed and disallowed for whichever tags you want allowed etc, they are still stripped before writing the RSS feed.
It came down to the htmlspecialchars() call being similar to
htmlentities() and displaying the code for the character instead of the character itself.
to overcome this it now reads:
Text Formatted Code
function _formatContent ($text)
{
$storytext = trim ($text);
if ($this->_feedcontentlen > 1) {
if (strlen ($storytext) > $this->_feedcontentlen) {
$storytext = substr ($storytext, 0, $this->_feedcontentlen - 3)
. '...';
}
}
return
($storytext);
}
and additionally i removed the .htmlspecialchars call between the tag in the rss.feed.class.php (rss1.0 i did it with, haven't done 2.0 yet, should be exact same).
This then opens a security flaw in a way, but if you have HTML tags allowed and disallowed for whichever tags you want allowed etc, they are still stripped before writing the RSS feed.
17
23
Quote
All times are EST. The time is now 10:43 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content