Smarty Forum Index Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon.
  www.smarty.net   •  phpinsider.com  •  Forum Index  •  FAQ  •  Search  •  Memberlist  •  Profile  •  Log in to check your private messages  •  Register  •  Log in
Regex guru help needed : modifier.kses.php

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> Plugins
View previous topic :: View next topic  
Author Message
eadz
Smarty Regular


Joined: 30 Apr 2003
Posts: 61
Location: Auckland, New Zealand
PostPosted: Sat Jan 17, 2004 6:40 am    Post subject: Regex guru help needed : modifier.kses.php Reply with quote
Quote:
kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, and it also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks.


kses is very handy for CMSs and commenting systems. The problem is specifing the allowed tags via a modifier.

Now {$text|kses} works of course, but the list of allowed tags and attributes in kses is very flexable. It's specified by an array called $template_tags and looks like this :
[php:1:7f0de7f608]
$template_tags = array(
"b" => array(),
"a" => array("title"=>array(),"href"=>array()),
"iframe" => array("width"=>array("maxval"=>200),"height"=>array("maxval"=>200)))
);
[/php:1:7f0de7f608]

Now, what that does is allow the following tags : b, a with the href and title paramater, and iframe with the width and height paramater as long as they aren't over 200. It will remove all other paramaters, so you can't for example put the src in the iframe tag.

So the question is, how do you get something like ( and this may not be the best syntax ) this :

Code:

{$text|kses:"b,a(title,href),iframe(width(maxval=200),height(maxval=200))"}


into the above array?
_________________
bBlog - Smarty based blogging software
I work for Webforce web site design ( Auckland, NZ )
Back to top
View user's profile Send private message Visit poster's website
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany
PostPosted: Sat Jan 17, 2004 9:04 pm    Post subject: Reply with quote
why do you want to provide the structure of allowed tags in the template? this doesn't really sound like display-logic to me. i'd assign the allowed tags from php and use them inside the modifier.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
eadz
Smarty Regular


Joined: 30 Apr 2003
Posts: 61
Location: Auckland, New Zealand
PostPosted: Sat Jan 17, 2004 9:21 pm    Post subject: Reply with quote
ok then..
_________________
bBlog - Smarty based blogging software
I work for Webforce web site design ( Auckland, NZ )
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> Plugins All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP