Text Editor for comments

tags:

ckeditor
php

views:

answers:

+1 Q:

Text Editor for comments

I am using the CKEditor for my website along with PHP, and want to allow only <b>, <i>, <a>, and <img> tags. This is easy, however our problem is that a user could essentially add a <b> tag some where and then not close it resulting in all of the comments thereafter and the rest of that page being bolded.

How do we check and make sure that whatever tag is opened is now closed?

I went to the website and checked the demo. The editor handles open tags out of the box.

John at CashCommons 2010-06-05 00:06:20

yes, it does through javascript. But this does not ensure protection through injections outside. If you use say Tamper Data for firefox you can modify what is being sent and CKEditor no longer has a solution for us.

Mike Silvis 2010-06-05 00:11:08

+1 A:

Well if you worry about tampered data being sent to your server, you need to process the data on the server side using something like Tidy.

Iggy Kay 2010-06-05 02:35:09

+1 A:

You must use a script like http://htmlpurifier.org/ at your server.

AlfonsoML 2010-06-05 09:57:09

ansaurus

tags:

views:

answers:

Text Editor for comments

related questions