Post code on note does't escape '<', '>' !

blueray2048 · Post by **blueray2048** » 23 May 2007, 13:39

when issue note contain html element. It does't escape and treated it as normal html element and render it.

Do this be the normal ?

Such as,

Initial Code

Code: Select all

    $t_code_ary = explode('<br />', $t_str_code);
    if (sizeof($t_code_ary))
    {

It displayed as

Code: Select all

    $t_code_ary = explode('
', $t_str_code);
    if (sizeof($t_code_ary))
    {

Thanks,

deboutv · Post by **deboutv** » 23 May 2007, 13:56

There is a list of acceptable html tag. <br> is in the list so if you write <br> in your description, it is interpreted as HTML tag.
Use the tag <pre></pre> to insert HTML code (or other code like PHP).

blueray2048 · Post by **blueray2048** » 23 May 2007, 14:19

Thanks, deboutv.

Yes, I have do this already.

before and after the code

Code: Select all

<pre>
    $t_code_ary = explode('
', $t_str_code);
    if (sizeof($t_code_ary))
    {

</pre>

But this does't help.
I go to turn the br element off instead.
Be this with config_inc.php ?

deboutv · Post by **deboutv** » 23 May 2007, 14:29

blueray2048 wrote:Thanks, deboutv.

Yes, I have do this already.

before and after the code
Code: Select all
<pre>
    $t_code_ary = explode('
', $t_str_code);
    if (sizeof($t_code_ary))
    {

</pre>
But this does't help.
I go to turn the br element off instead.
Be this with config_inc.php ?

Yes, modify the value of

Code: Select all

$g_html_valid_tags		= 'p, li, ul, ol, br, pre, i, b, u';

blueray2048 · Post by **blueray2048** » 23 May 2007, 15:59

Oh, Thanks deboutv,

It works now. But this may be added support bbcode should be much better.

deboutv · Post by **deboutv** » 23 May 2007, 16:05

Check in the bugtracker, I think it has already been asked. If not, feel free to ask it

deboutv · Post by **deboutv** » 17 Jun 2007, 15:31

I have written a plugin to support bbcode

Snapshots: http://deboutv.free.fr/mantis/
http://deboutv.free.fr/mantis/plugin.php?plugin=bbcode