If you are running PHPNuke and have the img tag in your allowed html array in config.php you need this hack! This hack replaces the code in the check_html function with KSES which works much better for filtering attributes such as style= out of allowed tags. If something is not in the allowed attribute array it gets stripped out period. So if you are using a WYSIWYG editor for you Submit News ect... you need to know that by allowing img in the phpnuke allowed array you are also allowing other attributes that can be easily exploited.You can get it HERE Any comments or concerns can be posted to my
forum.
|
This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=459
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=459