[pLog-svn] blog comment (fwd)
oscar at renalias.net
Sun Jul 16 21:08:25 GMT 2006
We're already doing it.
This is from class/action/addcommentaction.class.php:
$this->_commentText = trim($this->_request->getValue
( "commentText" ));
$this->_commentText = $tf->xhtmlize($tf->filterHTML
( $this->_commentText ));
the method Textfilter::xhtmlize() uses kses, so perhaps there is
something that kses isn't catching.
On 17 Jul 2006, at 00:03, Jon Daley wrote:
> I was thinking that we could do the same kses stuff that we do for
> posts, if the user selects that option.
> On Sun, 16 Jul 2006, Oscar Renalias wrote:
>>> So, all that to say, what should happen when the blog
>>> owner, or
>>> comment poster paste invalid html?
>> It's hard to say, but currently it will probably break.
>> The only option would be to write an HTML parser (the kses class gets
>> quite close to that) or use the 'tidy' extension in PHP5 if
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
> Jon Daley
> The most wasted of all days is one without laughter.
> -- e. e. cummings
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
More information about the pLog-svn