Are you ready?
tensh |
|
---|---|
DonP, just consider that for a hacker your client-side filtering is naked. Only server side filtering is the most reliable. A hacker can submit whatever he wants to a form.
As for Bbcodes for forums, why not use html syntax in the FCKeditor buttons? Now it's: [b] [/b]But it can be anyways: <b> </b> The rest of html syntax would be forbidden and removed by some internal settings. Hmm, but for things like "code", "quote" display, ... it would be some kind of mix of html and the rest, normally parsing html but also awared of some special non-html bbcodes? I saw once a mix of bbcode and html, but have no idea what was the coding background of that. |