kirogl Posted September 12, 2008 Share Posted September 12, 2008 Hi all, I'm currently writting a wiki style system useing FCKeditor to accept user input, however in the intrests of security I want to remove any possablity of the user adding Javascript. Strip_tags isn't an option as I want to keep the HTML. So... is their anyway of stripping the javascript (including onMouseOver, <script></script> and <a href="javascript(... ) tags from a string? Or... is their anyway of disableing the "edit source" button in the FCKeditor editor? option 1 would be best (so users can add embed tags, like youtube video's etc.) but it feels overly complex. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.