views:

67

answers:

2

I read the http://htmlpurifier.org/docs/enduser-youtube.html doc, but I still can't figure out where to put the code to allow object, param and embed tags and Use experimental features with my htmlpurifier. Can someone please show me how to do this?

+3  A: 

Add this.

 $config->set('HTML.SafeObject', true);
 $config->set('HTML.SafeEmbed', true);

To this.

 require_once '../../htmlpurifier/library/HTMLPurifier.auto.php';

 $config = HTMLPurifier_Config::createDefault();
 $config->set('Core.Encoding', 'UTF-8'); // replace with your encoding
 $config->set('HTML.Doctype', 'XHTML 1.0 Strict'); // replace with your doctype
 $config->set('HTML.SafeObject', true);
 $config->set('HTML.SafeEmbed', true);
 $purifier = new HTMLPurifier($config);

 $about_me = mysqli_real_escape_string($mysqli, $purifier->purify($_POST['about_me']));
TaG
A: 

The HTML.SafeObject eats a lot of memory I do not recommend you:

http://support.chamilo.org/issues/1450

Julio Montoya