Welcome to Geeklog Sunday, March 24 2019 @ 01:27 pm EDT

Geeklog Forums

All HTML tags to stories.


Status: offline

Vito Karleone

Forum User
Newbie
Registered: 20/11/03
Posts: 3
Hi, my Geeklog version 1.3.8-1sr2.
My code:

PHP Formatted Code
/* This is a list of HTML tags that users are allowed to use in their posts.
 * Each tag can have a list of allowed attributes (see 'a' for an example).
 * Any attributes not listed will be filtered, i.e. removed.
 */

$_CONF['user_html'] = array (
    'p'    => array(),
    'b'    => array(),
    'i'    => array(),
    'a'    => array('href' => 1, 'title' => 1),
    'em'   => array(),
    'br'   => array(),
    'tt'   => array(),
    'hr'   => array(),
    'li'   => array(),
    'ol'   => array(),
    'ul'   => array(),
    'code' => array(),
    'pre'  => array()
);

/* This is a list of HTML tags that Admins (site admin and story admins) can
 * use in their posts. It will be merged with the above list of user-allowable
 * tags ($_CONF['user_html']). You can also add tags that have already been
 * listed for the user-allowed HTML, so as to allow admins to use more
 * attributes (see 'p' for an example).
 */

$_CONF['admin_html'] = array (
   
    'p'     => array('class' => 1, 'id' => 1, 'align' => 1),
    'align'     => array('class' => 1, 'id' => 1, 'align' => 1),
    'div'   => array('class' => 1, 'id' => 1),
    'span'  => array('class' => 1, 'id' => 1),
    'table' => array('class' => 1, 'id' => 1, 'width' => 1, 'border' => 1,
                     'cellspacing' => 1, 'cellpadding' => 1),
    'tr'    => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1),
    'th'    => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
                     'colspan' => 1, 'rowspan' => 1),
    'td'    => array('class' => 1, 'id' => 1, 'align' => 1, 'valign' => 1,
                     'colspan' => 1, 'rowspan' => 1)
    );
 


Show please that it is necessary to change that all codes were accessible? Big Thanks!

Status: offline

Dirk

Site Admin
Admin
Registered: 12/01/02
Posts: 13073
Location:Stuttgart, Germany
Quote by Vito Karleone: Show please that it is necessary to change that all codes were accessible?

You don't want that, believe me.

It should be obvious how to add more tags to that list (just copy one of the existing lines and replace the HTML tag with the one you want). You need to be careful with what you allow, though, as that may make your site vulnerable to cross site scripting attacks and other nasty things.

bye, Dirk

All times are EDT. The time is now 01:27 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content