Temporarily override global_xss_filtering

#1
[eluser]mattots[/eluser]
Hi,

I've got global_xss_filtering set to TRUE in my config file but there is just one place in my code where I need to override this - a content management area where affilaite advertising banner ad code needs to be pasted in (which generally consists of a javascript code block). With xss filtering, the script tags etc are getting replaced with [replaced] before being inserted into the database.

Is there any way to override the xss filtering for specific database queries / functions??

Matt

#2
[eluser]mattots[/eluser]
I found another post that addressed this issue and, although not quite the solution advocated there, came up with this rather dirty hack, which works nevertheless:

if (strpos($_SERVER['REQUEST_URI'], '/controller/method') > -1){
$config['global_xss_filtering'] = FALSE;
}
else {
$config['global_xss_filtering'] = TRUE;
}

If anyone has a neater method that doesn't involve lots of extra code to acheive, I'd be interested to hear!

Matt


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.