2012-08-25, 04:44 AM
I have a plugin that generates posts from an RSS feed which I enable the HTML from the feed and use another plugin to allow only the user posting the feed to post HTML. When it creates a post from the RSS feed everything works perfect but when the post appears on the front page it displays the HTML code instead. Any ideas how to resolve this?
MyBB Version: 1.6.8
Portal: http://drgn.biz/index.php
Example Post: http://drgn.biz/showthread.php?tid=318&pid=497
Bah! After reviewing the code in portal.php I realized I didn't have "Yes, allow HTML in posts" checked.
A more secure fix is to edit the code in portal.php
Find (line 570):
This will "trick" the portal to think all forums allow HTML even though they don't and since only the first post will be display (presumably a trusted poster with HTML privileges) you don't need to enable HTML for the target forum so replies to the threads won't be able to post HTML. If you allow untrusted members to create threads and the threads are posted on the portal this can cause a security risk.
MyBB Version: 1.6.8
Portal: http://drgn.biz/index.php
Example Post: http://drgn.biz/showthread.php?tid=318&pid=497
Bah! After reviewing the code in portal.php I realized I didn't have "Yes, allow HTML in posts" checked.
A more secure fix is to edit the code in portal.php
Find (line 570):
"allow_html" => $forum[$announcement['fid']]['allowhtml'],
Replace: #"allow_html" => $forum[$announcement['fid']]['allowhtml'],
"allow_html" => 1,
This will "trick" the portal to think all forums allow HTML even though they don't and since only the first post will be display (presumably a trusted poster with HTML privileges) you don't need to enable HTML for the target forum so replies to the threads won't be able to post HTML. If you allow untrusted members to create threads and the threads are posted on the portal this can cause a security risk.