vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   How to unparse HTML in ? (https://vborg.vbsupport.ru/showthread.php?t=273005)

Chris8 10-29-2011 03:14 AM
How to unparse HTML in ?
 
How to add a new field to fill by user in a safe way? How to unparse HTML in fields? (Note: not in user customfields that vbulletin provides by default) Do I need to use $bbcode_parser here? Any ideas?

souperman 10-29-2011 03:26 AM
Why don't you try it and see if it works? It's normally the script tags that are the dangerous ones. You can also use htmlentities if you can't find the html parser, but you won't be able to parse BB code with that.

Chris8 10-29-2011 11:33 PM
Thanks for the answer. I've read a bit about it and I think now it's a better idea to clean user input before the data hits database if it is only letters or numbers. :)

souperman 10-31-2011 02:20 AM
You should use htmlentities with ENT_QUOTES


All times are GMT. The time now is 02:29 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00971 seconds
  • Memory Usage 1,706KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete