HTMLPurifier
high-quality, standards-compliant, open-source
About
This filter uses Open Source Software HTMLPurifier to cleanup the HTML submitted to your site and ensure that it is standards compliant and does not contain anything malicious. It is also used to ensure that the various places that input is split for previews does not cause bad markup to break the page. This filter is highly recommended if you are allowing HTML but is still good for sites that are not using thse formats for the ability to cleanup markup which has been split for preview properly though this may disable certain plugins that insert non standards compliant code. See also HTMLPurifier Filter Options.Installation
You can either- Install HTML Purifier using PEAR. Normally, PEAR modifies your php.ini to include all libraries installed with PEAR. If you install HTML Purifier via PEAR you don't have to do anything extra.
pear channel-discover htmlpurifier.org;
pear install hp/HTMLPurifier;
- Or download HTML Purifier from htmlpurifier.org and unpack it somewhere on your server. You must then make sure that the library is in your include_path. Two methods are described below. In short, you can either
- modify your server's php.ini,
- or modify your bitweaver's config_inc.php, assuming your php.ini allows using ini_set.
Including the library
Modifying php.ini
One option is to edit your php.ini file (often /etc/php.ini but location will vary based on your server). Inside that file is a directive section for Paths and Directories. By default include_path is set to ".:/usr/local/lib/php". Modify that line to include the path to where you installed HTML Purifierphp.ini
<?php
include_path = .:/usr/local/lib/php:/path/to/HTMLPurifier
// the above must be entered all on one line, with no linebreaks.
?>
Modifying config_inc.php
The other option is to add an ini_set to your kernel/config_inc.php to modify this path at runtime:kernel/config_inc.php
<?php
ini_set("include_path", ini_get("include_path").":/path/to/HTMLPurifier");
?>