Skip to topic | Skip to bottom
Home
Search:

Devel

Devel.DadaKsesHowTor1.1 - 28 Oct 2004 - 08:50 - MikeCastlemantopic end
You are here: Devel > DadaIMC > DadaKsesHowTo
Start of topic | Skip to actions

HOWTO Get DadaIMC and kses working together

kses is a PHP library for cleaning up HTML by only allowing specified tags. it's not perfect, but is probably better than the regex-based disallowing currently in dada. in case any other IMCs are interested, here is how I got it working:

1. download kses from http://sourceforge.net/projects/kses

2. fish out the kses.php file and put it in the imc_classes directory of your dada installation

3. add to the top of imc_classes/imc_FunctionLibrary.inc: 

require_once('imc_classes/kses.php');

4. somewhere in imc_classes/imc_FunctionLibrary.inc, add the following function, modifying to taste if you like: 

function call_kses($str) {
        $args = array(); // just for paranoia
        $args['a'] = array('href' => array('minlen' => 6, 'maxlen' => 200),
                           'title' => array('valueless' => 'n'));
        $args['abbr'] = array('title' => array('valueless' => 'n'));
        $args['acronym'] = array('title' => array('valueless' => 'n'));
        $args['b'] = array();
        $args['blockquote'] = array('cite' => array('maxlen' => 200));
        $args['br'] = array();
        $args['code'] = array();
        $args['cite'] = array();
        $args['dfn'] = array();
        $args['em'] = array();
        $args['i'] = array();
        $args['kbd'] = array();
        $args['p'] = array();
        $args['q'] = array('cite' => array('maxlen' => 200));
        $args['s'] = array();
        $args['samp'] = array();
        $args['strike'] = array();
        $args['strong'] = array();
        $args['tt'] = array();
        $args['u'] = array();
        $args['var'] = array();

        return kses($str, $args, array('http', 'https', 'ftp', 'mailto'));
}

5. in imc_classes/imc_Article.inc, modify the relevant lines to use the call_kses() function rather than cleantext(): 

                if (isset($form_summary)) $this->set_summary(call_kses($form_summary));
                if (isset($form_body)) $this->set_body(call_kses($form_body));
(if you're not calling htmlspecialchars() on the other form inputs, you can make the appropriate substitution of call_kses())

6. make similar changes in other places where it's needed. this includes at a minimum mods/otherpress/imc_classes/imc_OtherPress.inc and something for the media gallery if you use it (we don't in nyc), possibly other files -- not sure yet.

we're now using this in nyc. it seems to work, but please let me know if you see or know of any problems with this.

-- MikeCastleman - 28 Oct 2004
to top

End of topic
Skip to action links | Back to top

Edit | Attach image or document | Printable version | Raw text | More topic actions
Revisions: | r1.1 | Total page history | Backlinks
You are here: Devel > DadaIMC > DadaKsesHowTo

to top

Copyright © 1999-2008 by the contributing authors.
All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding this tool? Send feedback (in English, Francais, Deutsch or Dutch).