Status: offline

garfy

Forum User
Full Member
Registered: 02/01/05
Posts: 437
I want to add amazon code under my article so tha buyers would buy the link

and the geeklog doesbt accept it

is there a way to do that because i really need that


Status: offline

ByteEnable

Forum User
Full Member
Registered: 20/10/03
Posts: 138
If you are adding html code in the story editor, then its probably getting
stripped out by the kses filter. There is a way to turn it off in config.php.

Byte
LinuxElectrons

Status: offline

garfy

Forum User
Full Member
Registered: 02/01/05
Posts: 437
so how to turn it off

can someone tell me??


Status: offline

Dirk

Site Admin
Admin
Registered: 12/01/02
Posts: 13073
PHP Formatted Code
// When set to 1, disables the HTML filter for all users in the 'Root' group.  
// Obviously, you should only enable this if you know what you're doing and    
// when you can trust all the users in the 'Root' group not to use this for    
// Cross Site Scripting, defacements, etc. USE AT YOUR OWN RISK!
$_CONF['skip_html_filter_for_root'] = 0;
 


bye, Dirk

garfy

Anonymous
Quote by Dirk:
PHP Formatted Code
// When set to 1, disables the HTML filter for all users in the 'Root' group.  
// Obviously, you should only enable this if you know what you're doing and    
// when you can trust all the users in the 'Root' group not to use this for    
// Cross Site Scripting, defacements, etc. USE AT YOUR OWN RISK!
$_CONF['skip_html_filter_for_root'] = 0;

 


bye, Dirk


why is it so dangerous to enable this, is it because of the visitors who can hack the geeklog or something??

i am the only root user and i will be the only root user

is this option available in 1.3.11 or only in 1.4

thank you Dirk

luke

Anonymous
doesn't seem to work for me, will it only work with 1.4 ver of geeklog

chers luke

Status: offline

Dirk

Site Admin
Admin
Registered: 12/01/02
Posts: 13073
Yes, that option is only available as of 1.4.0.

The reason we usually filter HTML is that otherwise you could do all sorts of bad thing, e.g. inject JavaScript to do XSS, deface the site using CSS, etc.

bye, Dirk