Hi people.
I'd like to allow HTML code in my forum but I don't know how :)
Would any of you explain to me how I could do it?
Regards
Skrljutak 0 Newbie Poster
Gem4 0 Newbie Poster
Assuming you are using php,
You have to use htmlentities() function for that, also try nl2br() function for new line.
Skrljutak 0 Newbie Poster
I substituted all <> with () but it says it's not supported.
Would you please be so kind as to tell me how to use nl2br()?
Regards
diafol
> 'd like to allow HTML code in my forum but I don't know how
Ahem, did you read the bit about security?
You'd be better off allowing certain BBCodes than giving somebody carte-blanche to paste in any old rubbish. Leaving off certain close tags could mess up your page layout or js scripts could hijack the page.
Skrljutak 0 Newbie Poster
The forum will be locked and invisible for the guests so the security will not be an issue.
Please help
jonsca 1,059 Quantitative Phrenologist Team Colleague Featured Poster
the security will not be an issue
I'm no expert on the topic, so this is just a thought, but what happens if one of your trusted users has a weak password and the account is compromised?
Skrljutak 0 Newbie Poster
Weak passwords will not be allowed.
I would need a suggestion or a lead how to do it.
Borzoi 24 Posting Whiz
Even strong passwords are crackable and it won't stop the user being subjugated to phishing. I would go with ardav and only allow bbcode.
jonsca commented: Thank you +6
Skrljutak 0 Newbie Poster
Thanks guys for all your care for the security of my forum but I'd sincerely like someone to tell me how to allow it. I also got the information that allowing HTML in phpBB3 is disabled because of security reasons but I'm still not sure if it's 100% true.
Borzoi 24 Posting Whiz
If you're using phpBB then there should be an option in the administrator settings somewhere to allow it. I haven't used the most recent version though so I don't know if the option has been removed.
Skrljutak 0 Newbie Poster
Thanks Borzoi
diafol
Although you could do it, it doesn't mean that you should. The HTML facility was taken out of phpBB3 AFAIK due to security issues. You seem absolutely determined to go through with it. Here's a phpBB3 mod that will allow you to enable HTML:
http://lithiumstudios.org/forum/viewtopic.php?f=31&t=535
I would read the disclaimer before the download link.
This post is also interesting:
http://www.phpbb.com/community/viewtopic.php?f=46&t=1822125&start=0
I think you're mad to do this, but hey, not my prob.
Skrljutak 0 Newbie Poster
Dear Ardav,
Your help is more than appreciated.
If there is anything I may help with don't hesitate to contact me.
Enjoy in the rest of your day.
Skrljut
Gants 0 Newbie Poster
if you are using PHP forum, then you should use htmlentities() to allow
Skrljutak 0 Newbie Poster
Gants,
When you mention the entities(), do you think only to substitute these <> with these ()?
I am asking because I have already tried that and it didn't work.
Regards
diafol
You need to ensure that you strip out any <script> or <link> stuff and that all tags are properly closed. For example if an user were to post '<strong>jvwjnvj' and leave it at that, would that then show the rest of the page below his displayed message as BOLD type? You are trusting users to create well-formed html and not to post malicious js or css.
> When you mention the entities(), do you think only to substitute these <> with these ()?
I am asking because I have already tried that and it didn't work.
If you are using tag replacement, use BBCode.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.