History of HTMLPurifier
Version 4
HTMLPurifier
high-quality, standards-compliant, open-source
Created by: WaterDragon, Last modification: 15 Jun 2008 (20:55 UTC) by WaterDragon
About
This filter uses Open Source Software HTMLPurifier to cleanup the HTML submitted to your site and ensure that it is standards compliant and does not contain anything malicious. It is also used to ensure that the various places that input is split for previews does not cause bad markup to break the page. This filter is highly recommended if you are allowing HTML but is still good for sites that are not using thse formats for the ability to cleanup markup which has been split for preview properly though this may disable certain plugins that insert non standards compliant code. See also HTMLPurifier Filter Options.Installation
You can either install HTMLPurifier using PEAR or you can download the library from the htmlpurifier site and unpack it somewhere on your server. Either way you must make sure that the library is in your include_path. Normally PEAR modifies your php.ini to include all of the PEAR installed libraries when you install PEAR so if you install the library that way you don't have to do anything extra. If you are not using pear you either need to modify your php.ini yourself or modify the include_path directive using kernel/config_inc.php and ini_set (assuming your php.ini allows that.)Editing php.ini
Edit your php.ini file (often /etc/php.ini but location will vary based on your server). Inside that file is a directive section for "Paths and Directories." By default include_path is set to ".:/usr/local/lib/php". Modify that line to include the path to where you installed HTMLPurifierinclude_path = .:/usr/local/lib/php:/path/to/HTMLPurifier
The above must be entered all on one line, with no linebreaks.
Using ini_set
The other option is to add an ini_set to your kernel/config_inc.php to modify this path at runtime like so:ini_set("include_path", ini_get("include_path").":/path/to/HTMLPurifier");
This may or may not work depending on the configurations in your php.ini. See ini.php for more information.