Welcome Guest, Not a member yet? Register   Sign In
Temporarily override global_xss_filtering
#1

[eluser]mattots[/eluser]
Hi,

I've got global_xss_filtering set to TRUE in my config file but there is just one place in my code where I need to override this - a content management area where affilaite advertising banner ad code needs to be pasted in (which generally consists of a javascript code block). With xss filtering, the script tags etc are getting replaced with [replaced] before being inserted into the database.

Is there any way to override the xss filtering for specific database queries / functions??

Matt
#2

[eluser]mattots[/eluser]
I found another post that addressed this issue and, although not quite the solution advocated there, came up with this rather dirty hack, which works nevertheless:

if (strpos($_SERVER['REQUEST_URI'], '/controller/method') > -1){
$config['global_xss_filtering'] = FALSE;
}
else {
$config['global_xss_filtering'] = TRUE;
}

If anyone has a neater method that doesn't involve lots of extra code to acheive, I'd be interested to hear!

Matt




Theme © iAndrew 2016 - Forum software by © MyBB