Thanks for the tip I'll try this in my next module : yogurt and report back here how easy or dificult it was to use it.
Thank you so much. I'm really happy that HTMLPurifier has been included in Protector.
I've already installed the latest version of Protector and Pico with the function of "HTMLPurifier" ON. It seems to be working with success!!
I thought HTMLPurifier should work not only with PHP5 because I found two different zip files in the download section of their website (http://htmlpurifier.org/download.html); "HTML Purifier 2.1.2 PHP5-strict" and the other one not with PHP5-strict.
hi kentauls.
Quote:
I thought HTMLPurifier should work not only with PHP5 because I found two different zip files in the download section of their website (http://htmlpurifier.org/download.html); "HTML Purifier 2.1.2 PHP5-strict" and the other one not with PHP5-strict.
No. I use the latter, of course.
If we run the "strict version" with PHP4, it must raise "fatal errors".
(PHP4 never allows 'private' etc.)
Anyway, the lifetime of PHP4 will be ended soon.
This problem will be non-sense
Hi GIJOE,
Yes, I can imagine.
I didn't think that you took wrong version of HTML Purifier
.
Here I quote the lines written in the HTML Purifier archives to let many people know the concept.
Quote:
WYSIWYG - What You See Is What You Get
HTML Purifier: A Pretty Good Fit for TinyMCE and FCKeditor
Javascript-based WYSIWYG editors, simply stated, are quite amazing. But I've
always been wary about using them due to security issues: they handle the
client-side magic, but once you've been served a piping hot load of unfiltered
HTML, what should be done then? In some situations, you can serve it uncleaned,
since you only offer these facilities to trusted(?) authors.
Unfortunantely, for blog comments and anonymous input, BBCode, Textile and
other markup languages still reign supreme. Put simply: filtering HTML is
hard work, and these WYSIWYG authors don't offer anything to alleviate that
trouble. Therein lies the solution:
HTML Purifier is perfect for filtering pure-HTML input from WYSIWYG editors.
Enough said.
I know nothing perfect in the world, but hope it can be enough appropriate for use of FCKeditor on d3forum not for anonymous but members!!
I've just implemented it.
Try d3forum-0.77!