I have a plugin by the name of Advanced profile. It allows you to use HTML in your profile, thusly being able to make it look however you would like it to, embed apps, etc. which is highly demanded by my users. However, this plugin takes away the "warn" link for Administrators and Moderators. So this obviously won't do. I have tried other plugins, including Profile design, myprofile, and bbcode in profile. These have failed.
Is there any other way of allowing users to style their profiles with HTML or CSS?
If you want to enable HTML in a profile field, just go to ACP -> Configuration -> Custom Profile Fields -> [field] and tick Yes, allow HTML in this profile field. No need for a plugin.
I don't think allowing html, and css is a wise idea. You can import iframes, and scripts into the field thus making your site vulnerable.
(2014-12-19, 07:12 PM)Orianthi Wrote: [ -> ]I don't think allowing html, and css is a wise idea. You can import iframes, and scripts into the field thus making your site vulnerable.
If you enable the option I mentioned, using scripts is impossible since they're blocked by the parser.
(2014-12-19, 07:37 PM)Destroy666 Wrote: [ -> ] (2014-12-19, 07:12 PM)Orianthi Wrote: [ -> ]I don't think allowing html, and css is a wise idea. You can import iframes, and scripts into the field thus making your site vulnerable.
If you enable the option I mentioned, using scripts is impossible since they're blocked by the parser.
Not true. The parser is a blacklist, not a whitelist. There are lots of ways to bypass it -- one of the reasons it was planned to use HTML Purifier in 1.8 but it doesn't look like it was implemented.
I appreciate the concern, but we are constantly looking for skilled web developers to moderate profile sections. Thank you very much for this.
Destroy, That did not work. Nobody can style their profile, and neither can I.