D0n0tr0t0d
New Member
is it possible to only allow certain usergroups to post html in the forums?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
How-To?? Help??
- Thread starter D0n0tr0t0d
- Start date
D0n0tr0t0d
New Member
yeah I did it has nothing with allow HTML
it only has it on forum permissions and doesn't specify just one group.
it only has it on forum permissions and doesn't specify just one group.
Doing it by usergroup is problematic. It's rather awkward if someone quotes a post containing HTML, and in their post the HTML doesn't work (but in the one they quoted it did). Similarly, if someone gets promoted, what happens to their old posts? What if someone without the right to post raw HTML included, in some remote old post, some text like "<script>do_something_evil();</script>" as an example of how an attack might work, or who knows what, in the expectation that it would get escaped ― and they then got promoted to admin? What if someone makes a long post, cleverly buries some malicious HTML in it (perhaps hidden using font coloring or similar), and then gets an admin to quote it?
Having raw HTML only per forum is much, much safer. If you need more flexibility, use custom BB codes (for instance, that works great for embedding videos) and possibly extensions of various kinds
Having raw HTML only per forum is much, much safer. If you need more flexibility, use custom BB codes (for instance, that works great for embedding videos) and possibly extensions of various kinds
D0n0tr0t0d
New Member
sounds good but mostly the html posts i'm making are all closed so there is no quotes.
but i think i figured out that I have to switch on html in the category>post whats needed>then undo html in category and it still shows the posted html.
but i think i figured out that I have to switch on html in the category>post whats needed>then undo html in category and it still shows the posted html.
is it possible to only allow certain usergroups to post html in the forums?
Lost me m8 that was your question?