CodeIgniter Forums

Full Version: Trouble Integrating Facebook Like-Box
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

El Forum

[eluser]Freewolf[/eluser]
Greetings All,

I just simply want to post the Facebook Like-Box on a social media page that we have on our new site that is built in CodeIgniter.

Trouble I am having however is that CodeIgniter seems to be stripping out some of the necessary code so it is not working.

Code:
<!-- FACEBOOK CODE STARTS HERE -->
[removed][removed]<fb:like-box href="http://www.facebook.com/stevenshenager" width="330" connections="0" stream="true" header="false" css="http://www.ironleafdesign.com/webdev/SH/facebook/test.css?1"></fb:like-box>
&lt;!-- FACEBOOK CODE ENDS HERE --&gt;

So this is the code snippet that I get to plug in, however when viewing the page after it is passed CI has stripped out the Comments tags and the <fb> tags. Leaving on the [removed] tag which will not work without the rest.

Where is this getting stripped out and how might I overwride it?

El Forum

[eluser]Madmartigan1[/eluser]
Looks like you're running this through xss_clean at some point.

Let me ask, is the FB code saved in the database or file?

El Forum

[eluser]Freewolf[/eluser]
It is posted to file.

So I am guessing that is being passed through the xss_clean.
How would I go about turning this off just for this page?

El Forum

[eluser]Madmartigan1[/eluser]
What does "posted to file" mean?

If xss_clean is enabled globally, there's no pretty way to turn it off as the data will be sanitized too early in CI execution.

I just had to deal with this recently, and my solution was to disable the global filter and set xss_clean explicitly.

El Forum

[eluser]Freewolf[/eluser]
To file meaning it is loaded in one of the views.

Based on your post I was able to do a little more research and found out what you mention as well.
I turned off global xss_filtering as well. Extending my input library so that xss_clean is on for get and post methods by default.

Unfortunate that there is not a means to overwrite the global declaration locally in a controller. =(