Welcome to Geeklog, Anonymous Sunday, March 16 2025 @ 02:56 pm EDT
Geeklog Forums
can ot add custom html cde to my articles
Status: offline
ByteEnable
Forum User
Full Member
Registered: 10/20/03
Posts: 138
If you are adding html code in the story editor, then its probably getting
stripped out by the kses filter. There is a way to turn it off in config.php.
Byte
LinuxElectrons
stripped out by the kses filter. There is a way to turn it off in config.php.
Byte
LinuxElectrons
11
13
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Text Formatted Code
// When set to 1, disables the HTML filter for all users in the 'Root' group. // Obviously, you should only enable this if you know what you're doing and
// when you can trust all the users in the 'Root' group not to use this for
// Cross Site Scripting, defacements, etc. USE AT YOUR OWN RISK!
$_CONF['skip_html_filter_for_root'] = 0;
bye, Dirk
12
14
Quote
garfy
Anonymous
Quote by Dirk:
// Obviously, you should only enable this if you know what you're doing and
// when you can trust all the users in the 'Root' group not to use this for
// Cross Site Scripting, defacements, etc. USE AT YOUR OWN RISK!
$_CONF['skip_html_filter_for_root'] = 0;
bye, Dirk
Text Formatted Code
// When set to 1, disables the HTML filter for all users in the 'Root' group. // Obviously, you should only enable this if you know what you're doing and
// when you can trust all the users in the 'Root' group not to use this for
// Cross Site Scripting, defacements, etc. USE AT YOUR OWN RISK!
$_CONF['skip_html_filter_for_root'] = 0;
bye, Dirk
why is it so dangerous to enable this, is it because of the visitors who can hack the geeklog or something??
i am the only root user and i will be the only root user
is this option available in 1.3.11 or only in 1.4
thank you Dirk
16
11
Quote
luke
Anonymous
doesn't seem to work for me, will it only work with 1.4 ver of geeklog
chers luke
chers luke
13
16
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Yes, that option is only available as of 1.4.0.
The reason we usually filter HTML is that otherwise you could do all sorts of bad thing, e.g. inject JavaScript to do XSS, deface the site using CSS, etc.
bye, Dirk
The reason we usually filter HTML is that otherwise you could do all sorts of bad thing, e.g. inject JavaScript to do XSS, deface the site using CSS, etc.
bye, Dirk
16
13
Quote
All times are EDT. The time is now 02:56 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content