Welcome to Geeklog, Anonymous Wednesday, April 24 2024 @ 06:10 am EDT
Geeklog Forums
Allowed HTML in stories for admins only
I know how to changed the allowed HTML that is used only by admins in stories by modifying the config.php. My question is how can I modify this to allow all HTML (only for admins) as with static pages. I am not sure of what exactly I nedd to add to achieve this.
Can someone help with this please?
I came across this issue as I would like to be able to add code like:
This code is for a video clip by Pink off the PETA site. I can get it to work in a staticpage, but I would like to put it in a story so people can comment on this issue. I am pretty sure I will need to do this with other issues as well.
If there is any major issues with me doing this can you also point this out to me, but the way I see it now it is no different to an admin creating a staticpage. Tell me if I am wrong on this point so I have a clear understanding.
Thanking you in advance
Kev :shakehands:
Live everyday as if it was your last!
Can someone help with this please?
I came across this issue as I would like to be able to add code like:
Text Formatted Code
<embed src="http://www.savethesheep.com/swf/wool_pink.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="255" height="195" allowScriptAccess="always"></embed> <br>Learn more at <a target="_blank" href="http://getactive.peta.org/campaign/pink_wool_video?c=stspinkvid">SaveTheSheep.com</a>This code is for a video clip by Pink off the PETA site. I can get it to work in a staticpage, but I would like to put it in a story so people can comment on this issue. I am pretty sure I will need to do this with other issues as well.
If there is any major issues with me doing this can you also point this out to me, but the way I see it now it is no different to an admin creating a staticpage. Tell me if I am wrong on this point so I have a clear understanding.
Thanking you in advance
Kev :shakehands:
Live everyday as if it was your last!
7
4
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1468
Location:Canada
Right below that config option in config.php
// When set to 1, disables the HTML filter for all users in the 'Root' group.
// Obviously, you should only enable this if you know what you're doing and
// when you can trust all the users in the 'Root' group not to use this for
// Cross Site Scripting, defacements, etc. USE AT YOUR OWN RISK!
$_CONF['skip_html_filter_for_root'] = 1;
One of the Geeklog Core Developers.
// When set to 1, disables the HTML filter for all users in the 'Root' group.
// Obviously, you should only enable this if you know what you're doing and
// when you can trust all the users in the 'Root' group not to use this for
// Cross Site Scripting, defacements, etc. USE AT YOUR OWN RISK!
$_CONF['skip_html_filter_for_root'] = 1;
One of the Geeklog Core Developers.
4
6
Quote
Status: offline
k74
Forum User
Full Member
Registered: 09/19/04
Posts: 128
Location:Australia
:shakehands:
Thanks for that Laugh, I did not pick that option up. I don't think I will have a problem with this as I am the only root group member, and the only admin allowed for articles and staticpages.
Just another question, by disabling this for root users, this won't open the site up for any outside hack attacks. This will just allow admin(root groups) to use html in articles, as they would in staticpages? Correct or Not?
I am just wanting to be very clear on this point, so that I don't open up my site to any security issues.
Thanks again for your help.
Kev
Live everyday as if it was your last!
Thanks for that Laugh, I did not pick that option up. I don't think I will have a problem with this as I am the only root group member, and the only admin allowed for articles and staticpages.
Just another question, by disabling this for root users, this won't open the site up for any outside hack attacks. This will just allow admin(root groups) to use html in articles, as they would in staticpages? Correct or Not?
I am just wanting to be very clear on this point, so that I don't open up my site to any security issues.
Thanks again for your help.
Kev
Live everyday as if it was your last!
5
7
Quote
All times are EDT. The time is now 06:10 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content