| Author |
Message |
dean
Worker
Joined: Apr 14, 2004
Posts: 193
|
 Posted:
Wed Aug 04, 2004 1:32 am |
|
In previous nuke sites, I have used html to format a message and insert images. I finished installing the this distro and find that i get this message: | Quote: | The html tags you attempted to use are not allowed
|
when I attempt to insert the following html Code:<table border="0" cellpadding="2" style="border-collapse: collapse" width="100%" >
<tr>
<td width="24%" >
<img border="0" src="DSCN0396.JPG" width="300" height="225"></td>
<td width="76%">
<p align="left" style="margin-left: 20; margin-right: 20; text-indent:10">
The Fritz Family Network is a website devoted to the Fritz family,
grandparents, parents and children! The various features of this website are
built around sharing news, conversation, pictures, recipes, important dates,
etc. If you like what you see here, please contribute as much as you
can to help building our website by adding whatever meets your fancy.
<p align="left" style="margin-left: 20; margin-right: 20; text-indent:10">
Since this is a new website, we invite you to test all of the features and
report any difficulties you may have in navigating or adding to the Fritz
Family Network<p align="left" style="margin-left: 20; margin-right: 20; text-indent:10">
Since this is a private, secure website, you will need to<a style="color: #FF0000; text-decoration: none" href="http://alaskandog.com/fritz/modules.php?name=Your_Account&op=new_user">
create an account here </a>and follow the instructions that are provided to
you. Enjoy your stay and come back soon!<br>
</tr>
</table>
|
What do I have to do to make this work? |
| |
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Wed Aug 04, 2004 4:25 am |
|
mainfile.php has always disallowed certain html tags. I have not altered that. Here is the code as FB released itCode:foreach ($_GET as $secvalue) {
if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
(eregi("\"", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
foreach ($HTTP_GET_VARS as $secvalue) {
if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
(eregi("\"", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
foreach ($_POST as $secvalue) {
if ((eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*style*\"?[^>]*>", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
|
If your html is using any of these tags then Nuke is rejecting it. You can override this but buyer beware  |
| |
|
|
|
|
64bitguy
The Mouse Is Extension Of Arm
Joined: Mar 06, 2004
Posts: 1164
|
| Posted:
Mon Aug 23, 2004 1:36 am |
|
Comment out the following code in your mainfile.php
In Some Distributions the code looks like this:
Code:foreach ($_POST as $secvalue) {
if ((eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*style*\"?[^>]*>", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
|
In others, it looks like this:
Code:foreach ($_POST as $secvalue) {
if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*style*\"?[^>]*>", $secvalue))) {
die ("<center><img src=images/logo.gif><br><br><b>The html tags you attempted to use are not allowed</b><br><br>[ <a href=\"javascript:history.go(-1)\"><b>Go Back</b></a> ]");
}
}
|
In either case, comment all that out, make your webpage changes, then make it the way it was originally again by uncommenting it out. |
_________________
Steph Benoit
100% Section 508 and W3C HTML5 and CSS Compliant (Truly) Code, because I love compliance. |
|
|
|
|
barnaby101
New Member
Joined: Mar 02, 2005
Posts: 4
|
| Posted:
Sat Mar 05, 2005 6:50 am |
|
I would like to be able to use the <table> tag as they do in postnuke
Are there any hacks out there which allow it? |
| |
|
|
|
|
Raven
|
| Posted:
Sat Mar 05, 2005 8:28 am |
|
Please explain more as I'm not clear on what you are asking. |
| |
|
|
|
|
barnaby101
|
| Posted:
Sat Mar 05, 2005 5:20 pm |
|
I have tried to paste in some articles into the "submit news" page.
The preview shows the tables I had but when I go in as admin to approve the news submitted, the module has stripped the html <table> and <br> tags from the submission making it unreadable.
Is there a code hack that allows me to enter tables and use the <br> tags out there? |
| |
|
|
|
|
64bitguy
|
| Posted:
Sat Mar 05, 2005 5:23 pm |
|
You can use <br> by default.. I've never tried to add tables to news, so I have no idea what the impact would be. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
