<html><body bgcolor="#FFFFFF"><div>Using Full HTML is also a security risk for cross site scripting and cross site request forgeries.</div><div><br></div><div>Keep in mind that input formats are node-specific at the time the node is saved. Changing the default format will not affect saved nodes.</div><div><br></div><div>The editor may also affect submitted data.<br><br>Sent from my iPhone</div><div><br>On Jan 7, 2011, at 17:14, Bill Fitzgerald <<a href="mailto:bill@funnymonkey.com">bill@funnymonkey.com</a>> wrote:<br><br></div><div></div><blockquote type="cite"><div>
I would recommend - strongly - against enabling the PHP input
format. This opens up some enormous security risks, and from what
you are describing this is overkill for your use case.<br>
<br>
If you aren't using it already, I would recommend using the WYSIWYG
API for your site: <a class="moz-txt-link-freetext" href="http://drupal.org/project/wysiwyg"><a href="http://drupal.org/project/wysiwyg">http://drupal.org/project/wysiwyg</a></a><br>
<br>
Edit your node, and make sure that you have chosen the correct input
format.<br>
<br>
It's also possible that your WYSIWYG editor is clobbering your html;
when you edit the node, turn off the editor and make sure that your
original markup is still intact.<br>
<br>
This page has more info on configuring input formats:
<a class="moz-txt-link-freetext" href="http://drupal.org/handbook/modules/filter"><a href="http://drupal.org/handbook/modules/filter">http://drupal.org/handbook/modules/filter</a></a><br>
<br>
Please feel free to ping back with any additional questions.<br>
<br>
Cheers,<br>
<br>
Bill<br>
<br>
On 1/7/11 4:28 PM, Joel Willers wrote:
<blockquote cite="mid:36B2D50F2A79114BBB96362C55C973FD01EDD378@mail.siglercompanies.com" type="cite">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"Bookman Old Style";
panose-1:2 5 6 4 5 5 5 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size: 11pt; font-family:
"Calibri","sans-serif"; color: rgb(31,
73, 125);">You can make a special filter that might help you
out. Otherwise, set it to PHP (you have to have PHP enabled
in the modules area).<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size: 11pt; font-family:
"Calibri","sans-serif"; color: rgb(31,
73, 125);"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size: 11pt; font-family:
"Calibri","sans-serif"; color: rgb(31,
73, 125);">Hope that helps!<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size: 11pt; font-family:
"Calibri","sans-serif"; color: rgb(31,
73, 125);"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal" style="margin-bottom: 12pt;"><b><span style="font-size: 7.5pt; font-family:
"Verdana","sans-serif"; color:
gray;">Joel Willers</span></b><b><span style="font-size:
7pt; font-family:
"Verdana","sans-serif"; color:
gray;"> </span></b><span style="font-size: 7pt;
font-family: "Verdana","sans-serif";
color: red;">|</span><span style="font-size: 7pt;
font-family: "Verdana","sans-serif";
color: gray;"> IT Developer<br>
Innova Ideas & Services </span><span style="font-size: 7pt; font-family:
"Verdana","sans-serif"; color:
rgb(254, 0, 0);">|</span><span style="font-size: 7pt;
font-family: "Verdana","sans-serif";
color: gray;"> </span><span style="font-size: 6pt;
font-family: "Verdana","sans-serif";
color: gray;">A SIGLER COMPANY</span><span style="font-size: 7pt; font-family:
"Verdana","sans-serif"; color: gray;"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span style="font-size: 11pt; font-family:
"Calibri","sans-serif"; color: rgb(31,
73, 125);"><o:p> </o:p></span></p>
<div>
<div style="border-right: medium none; border-width: 1pt
medium medium; border-style: solid none none; border-color:
rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color;
padding: 3pt 0in 0in;">
<p class="MsoNormal"><b><span style="font-size: 10pt;
font-family:
"Tahoma","sans-serif";">From:</span></b><span style="font-size: 10pt; font-family:
"Tahoma","sans-serif";">
<a class="moz-txt-link-abbreviated" href="mailto:support-bounces@drupal.org"><a href="mailto:support-bounces@drupal.org">support-bounces@drupal.org</a></a>
[<a class="moz-txt-link-freetext" href="mailto:support-bounces@drupal.org"><a href="mailto:support-bounces@drupal.org">mailto:support-bounces@drupal.org</a></a>] <b>On Behalf Of </b><a class="moz-txt-link-abbreviated" href="mailto:rebu2008-dru@yahoo.com"><a href="mailto:rebu2008-dru@yahoo.com">rebu2008-dru@yahoo.com</a></a><br>
<b>Sent:</b> Friday, January 07, 2011 5:59 PM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:support@drupal.org"><a href="mailto:support@drupal.org">support@drupal.org</a></a><br>
<b>Subject:</b> Re: [support] HTML Filters<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal"><span style="font-size: 10pt;
font-family: "Bookman Old
Style","serif";">I'm new to Drupal as
well, but I just guessing that its the CSS in the theme
that you are using. Can you navigate to the page in your
browser and then view the source? In Firefox, it is in
the menu as 'View' > 'Page Source'. You should be
able to see your HTML elements and attributes. If not,
then they really have been stripped somehow. If they are
there, then it is likely a CSS problem, assuming that
your HTML is valid.<br>
--ross<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size: 10pt;
font-family: "Bookman Old
Style","serif";"><o:p> </o:p></span></p>
<div>
<div class="MsoNormal" style="text-align: center;" align="center"><span style="font-size: 10pt;
font-family:
"Tahoma","sans-serif";">
<hr width="100%" align="center" size="1"></span></div>
<p class="MsoNormal"><b><span style="font-size: 10pt;
font-family:
"Tahoma","sans-serif";">From:</span></b><span style="font-size: 10pt; font-family:
"Tahoma","sans-serif";"> Alison
<a class="moz-txt-link-rfc2396E" href="mailto:penguin@alisoncc.com"><<a href="mailto:penguin@alisoncc.com">penguin@alisoncc.com</a>></a><br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:support@drupal.org"><a href="mailto:support@drupal.org">support@drupal.org</a></a><br>
<b>Sent:</b> Fri, January 7, 2011 5:21:48 PM<br>
<b>Subject:</b> [support] HTML Filters<br>
</span><span style="font-size: 10pt; font-family:
"Arial","sans-serif";"><br>
Hi, <br>
<br>
very much a newbie who feels that she is constantly
"fighting" Drupal to get it to do what she wants it to
do.<br>
<br>
Fairly simple "home" page before members log on and
get all the complicated stuff - list of events,
accepting bookings for same and the like - with Views,
Flags, Tokens etc.<br>
<br>
CKEditor installed and fully operational. "Full HTML"
selected and all "Input Filters" disabled on "Input
Formats" page. Yet when displaying the page much of
the HTML formatting I have implemented has been
stripped off. Nothing special just paragraph alignment
- simple stuff like text centering, etc. Looks fine
when editing, but preview and much of it has gone. As
it does when seen by a visitor. Tried it with CKEditor
disabled and plain text editor selected . Doesn't seem
to make any difference - formatting still gets
stripped.<br>
<br>
Not much point in using a wysiwyg style editor if
Drupal strips all the functionality out. Also when
using CHEditor the edit box has the same background as
the main site, which makes life difficult if it's a
dark background and the text one is editing is black.
Would appreciate some clues.<br>
<br>
Alison<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
-- <br>
[ Drupal support list | <a moz-do-not-send="true" href="http://lists.drupal.org/" target="_blank"><a href="http://lists.drupal.org/">http://lists.drupal.org/</a></a>
]<o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</blockquote>
<br>
</div></blockquote><blockquote type="cite"><div><span>-- </span><br><span>[ Drupal support list | <a href="http://lists.drupal.org/">http://lists.drupal.org/</a> ]</span></div></blockquote></body></html>