History of HTMLPurifier

Comparing versions
Version 8Current version

About

This filter uses Open Source Software HTMLPurifier to cleanup the HTML submitted to your site and ensure that it is standards compliant and does not contain anything malicious. It is also used to ensure that the various places that input is split for previews does not cause bad markup to break the page. This filter is highly recommended if you are allowing HTML but is still good for sites that are not using thse formats for the ability to cleanup markup which has been split for preview properly though this may disable certain plugins that insert non standards compliant code. See also HTMLPurifier Filter Options.

Installation

You can either
  • Install HTML Purifier using PEAR. Normally, PEAR modifies your php.ini to include all libraries installed with PEAR. If you install HTML Purifier via PEAR you don't have to do anything extra.
  • Or download HTML Purifier from htmlpurifier.org and unpack it somewhere on your server. You must then make sure that the library is in your include_path. Two methods are described below. In short, you can either
    • modify your server's php.ini,
    • or modify your bitweaver's config_inc.php, assuming your php.ini allows using ini_set.

Including the library

Modifying php.ini

One option is to edit your php.ini file (often /etc/php.ini but location will vary based on your server). Inside that file is a directive section for Paths and Directories. By default include_path is set to ".:/usr/local/lib/php". Modify that line to include the path to where you installed HTML Purifier

php.ini


<?php
include_path 
= .:/usr/local/lib/php:/path/to/HTMLPurifier
// the above must be entered all on one line, with no linebreaks.
?>


Modifying config_inc.php

The other option is to add an ini_set to your kernel/config_inc.php to modify this path at runtime:

kernel/config_inc.php


<?php
ini_set
("include_path"ini_get("include_path").":/path/to/HTMLPurifier");
?>


More Info

This may or may not work depending on the configurations in your php.ini. See ini.php for more information.
 

About

This filter uses Open Source Software HTMLPurifier to cleanup the HTML submitted to your site and ensure that it is standards compliant and does not contain anything malicious. It is also used to ensure that the various places that input is split for previews does not cause bad markup to break the page. This filter is highly recommended if you are allowing HTML but is still good for sites that are not using thse formats for the ability to cleanup markup which has been split for preview properly though this may disable certain plugins that insert non standards compliant code. See also HTMLPurifier Filter Options.

Installation

You can either
  • Install HTML Purifier using PEAR. Normally, PEAR modifies your php.ini to include all libraries installed with PEAR. If you install HTML Purifier via PEAR you don't have to do anything extra.
    
    pear channel-discover htmlpurifier.org;
    pear install hp/HTMLPurifier;
  • Or download HTML Purifier from htmlpurifier.org and unpack it somewhere on your server. You must then make sure that the library is in your include_path. Two methods are described below. In short, you can either
    • modify your server's php.ini,
    • or modify your bitweaver's config_inc.php, assuming your php.ini allows using ini_set.

Including the library

Modifying php.ini

One option is to edit your php.ini file (often /etc/php.ini but location will vary based on your server). Inside that file is a directive section for Paths and Directories. By default include_path is set to ".:/usr/local/lib/php". Modify that line to include the path to where you installed HTML Purifier

php.ini


<?php
include_path 
= .:/usr/local/lib/php:/path/to/HTMLPurifier
// the above must be entered all on one line, with no linebreaks.
?>


Modifying config_inc.php

The other option is to add an ini_set to your kernel/config_inc.php to modify this path at runtime:

kernel/config_inc.php


<?php
ini_set
("include_path"ini_get("include_path").":/path/to/HTMLPurifier");
?>


More Info

This may or may not work depending on the configurations in your php.ini. See ini.php for more information.
Page History
Date/CommentUserIPVersion
09 Mar 2010 (22:42 UTC)
Rollback to version 9 by spiderr
spiderr71.70.210.9111
Current • Source
Unknown176.53.45.4610
View • Compare • Difference • Source
spiderr71.70.210.919
View • Compare • Difference • Source
Kozuch85.207.244.1608
View • Compare • Difference • Source
WaterDragon82.171.181.2084
View • Compare • Difference • Source
laetzer85.178.33.883
View • Compare • Difference • Source
Unknown128.197.11.302
View • Compare • Difference • Source
laetzer85.178.33.881
View • Compare • Difference • Source