[pLog-svn] r2462 - plog/branches/plog-1.0.2/templates/summary
Mark Wu
markplace at gmail.com
Mon Sep 12 13:40:57 GMT 2005
Hi Jon:
Kindly take a look at _fetchCommonData() in
/class/action/adminpostmanagementcommonaction.class.php , we already filter
the thml before we save it.. :D
$this->_postTopic =
trim(Textfilter::xhtmlize(Textfilter::filterAllHTML($this->_request->getValu
e( "postTopic" ))));
Mark
> -----Original Message-----
> From: plog-svn-bounces at devel.plogworld.net
> [mailto:plog-svn-bounces at devel.plogworld.net] On Behalf Of Jon Daley
> Sent: Monday, September 12, 2005 9:24 PM
> To: plog-svn at devel.plogworld.net
> Subject: RE: [pLog-svn] r2462 -
> plog/branches/plog-1.0.2/templates/summary
>
> Are you sure? I don't think so.
>
> On Mon, 12 Sep 2005, Mark Wu wrote:
> > Hi Jon:
> >
> > Sorry forget to metioned another thing, we already filter postTopic
> > html tag in 1.0.2... Therefore, I think we don't need to
> strip them in summary again.
> >
> > Mark
> >
> >> -----Original Message-----
> >> From: Mark Wu [mailto:markplace at gmail.com]
> >> Sent: Sunday, September 11, 2005 11:11 PM
> >> To: 'plog-svn at devel.plogworld.net'
> >> Subject: RE: [pLog-svn] r2462 -
> >> plog/branches/plog-1.0.2/templates/summary
> >>
> >> Hi Jon:
> >>
> >> I just think if we "have to" strip tags for comment topic,
> why don't
> >> we just remove it before we save the comments?
> >>
> >> How do you think?
> >>
> >> Mark
> >>
> >>> -----Original Message-----
> >>> From: plog-svn-bounces at devel.plogworld.net
> >>> [mailto:plog-svn-bounces at devel.plogworld.net] On Behalf Of
> >>> jondaley at devel.plogworld.net
> >>> Sent: Sunday, September 11, 2005 7:32 PM
> >>> To: plog-svn at devel.plogworld.net
> >>> Subject: [pLog-svn] r2462 -
> >> plog/branches/plog-1.0.2/templates/summary
> >>>
> >>> Author: jondaley
> >>> Date: 2005-09-11 11:32:08 +0000 (Sun, 11 Sep 2005) New
> >> Revision: 2462
> >>>
> >>> Modified:
> >>> plog/branches/plog-1.0.2/templates/summary/post.template
> >>> plog/branches/plog-1.0.2/templates/summary/summary.template
> >>> Log:
> >>> remove html tags from comment Topic, in all cases. Remove
> >> html from
> >>> postTopic, in admin interface. This doesn't entirely solve the
> >>> problem, because if users want to allow <a
> >> href=blah>...</a> in their
> >>> comments (and plog does that by
> >>> default) then the user is also allowed to have the iframe
> attribute
> >>> tag stuff. A fair amount of discussion on the strip_tags
> >> section of
> >>> php.net
> >>>
> >>> Modified: plog/branches/plog-1.0.2/templates/summary/post.template
> >>>
> ===================================================================
> >>> --- plog/branches/plog-1.0.2/templates/summary/post.template
> >>> 2005-09-11 11:04:03 UTC (rev 2461)
> >>> +++ plog/branches/plog-1.0.2/templates/summary/post.template
> >>> 2005-09-11 11:32:08 UTC (rev 2462)
> >>> @@ -1,6 +1,6 @@
> >>> {assign var="blog" value=$post->getBlogInfo()}
> >>> {assign var="request" value=$blog->getBlogRequestGenerator()}
> >>> - <h5>{$post->getTopic()}</h5>
> >>> + <h5>{$post->getTopic()|strip_tags}</h5>
> >>> <div class="subtitle">
> >>> {$locale->tr("blog")} <a
> >>> href="{$request->blogLink()}">{$blog->getBlog()}</a>
> >>> </div>
> >>> @@ -19,4 +19,4 @@
> >>> <img src="imgs/comment.png" width="11" height="10"
> >>> alt="{$locale->tr("comments")}" />
> >>> <a
> >>> href="{$request->postPermalink($post)}#comments">{if
> >>> $post->getTotalComments() eq 0}{$locale->tr("comment on
> >>> this")}{else}{$post->getTotalComments()}
> >>> {$locale->tr("comments")|capitalize}{/if}</a>
> >>> <br style="clear: both;" />
> >>> - </div>
> >>> \ No newline at end of file
> >>> + </div>
> >>>
> >>> Modified:
> >> plog/branches/plog-1.0.2/templates/summary/summary.template
> >>>
> ===================================================================
> >>> ---
> >>> plog/branches/plog-1.0.2/templates/summary/summary.template
> >>> 2005-09-11 11:04:03 UTC (rev 2461)
> >>> +++
> >>> plog/branches/plog-1.0.2/templates/summary/summary.template
> >>> 2005-09-11 11:32:08 UTC (rev 2462)
> >>> @@ -1,6 +1,6 @@
> >>> {include file="summary/header.template"}
> >>> {foreach from=$posts item=post}
> >>> - <h3>{$post->getTopic()}</h3>
> >>> + <h3>{$post->getTopic()|strip_tags}</h3>
> >>> {assign var="postDate" value=$post->getDateObject()} {assign
> >>> var="postOwner" value=$post->getUserInfo()} <span
> >>> class="date">{$postOwner->getUsername()} |
> >>> {$locale->formatDate($postDate,"%d %B, %Y %H:%M")}</span>
> >>>
> >>> _______________________________________________
> >>> pLog-svn mailing list
> >>> pLog-svn at devel.plogworld.net
> >>> http://devel.plogworld.net/mailman/listinfo/plog-svn
> >
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.plogworld.net
> > http://devel.plogworld.net/mailman/listinfo/plog-svn
> >
>
> **************************************
> Jon Daley
> http://jon.limedaley.com/plog/
>
> Quoting: the act of repeating erroneously the words of another.
> -- Ambrose Bierce
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.plogworld.net
> http://devel.plogworld.net/mailman/listinfo/plog-svn
More information about the pLog-svn
mailing list