vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   How do I allow HTML for this? (https://vborg.vbsupport.ru/showthread.php?t=319039)

Duckface 06-11-2015 06:57 PM
How do I allow HTML for this?
 
<a href="http://i.imgur.com/dCJXFLv.png" target="_blank">http://i.imgur.com/dCJXFLv.png</a>

How do I allow HTML for each user to be used here and how do I increase the amount of characters that can be entered.

MarkFL 06-11-2015 09:12 PM
I highly recommend against allowing your users to embed HTML anywhere. You open yourself up to security risks otherwise. :D

SPEEDKILLZ 06-12-2015 12:36 AM
Quote:
Originally Posted by MarkFL (Post 2547636)
I highly recommend against allowing your users to embed HTML anywhere. You open yourself up to security risks otherwise. :D

Listen to this guy ^^ . Allowing your members to use HTML is a bad idea.

Duckface 06-13-2015 08:51 PM
Well I could block the content of that with php anyway. Especially <script> and audio. iframe and <a> just a simple php check on the content of the field.

MarkFL 06-13-2015 09:07 PM
If my users want HTML markup in their user title (and I deem them worthy...:rolleyes:), I add it via the AdminCP myself. :D

Duckface 06-13-2015 09:21 PM
Quote:
Originally Posted by MarkFL (Post 2547758)
If my users want HTML markup in their user title (and I deem them worthy...:rolleyes:), I add it via the AdminCP myself. :D
But generally, I understand your point. Thanks.

Zachery 06-14-2015 04:59 PM
The huge exercise in trying to tidy and sanitize html is not worth it to allow users arbitrary input.

What exactly is it that you want them to be able to do?

Dave 06-15-2015 09:11 AM
Another example of why you don't want to do this is I can simply input something such as '<a' or '<div ="' and it will break the whole forum.


All times are GMT. The time now is 03:53 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01032 seconds
  • Memory Usage 1,719KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (8)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete