5 Jan
2012
5 Jan
'12
7 a.m.
On 01/05/2012 03:57 AM, Walt Daniels wrote:
Set pages to filtered html. Then set up roles that are allowed to use full_format and make that the default format for that role. Then give people you trust that role.
I have restricted the access to full format to trusted roles. Ran the 'security and review' and got this:
Untrusted users are not allowed to input dangerous HTML tags. Details Skip OK
Untrusted users do not have access to use the PHP input format. Details Skip OK
Only safe extensions are allowed for uploaded files and images. Details Skip
Is that OK?
Swapnil
On Wed, Jan 4, 2012 at 7:07 PM, Swapnil Bhartiya <swapnil.bhartiya@gmail.com mailto:swapnil.bhartiya@gmail.com> wrote:
On 01/05/2012 01:04 AM, Ms. Nancy Wichmann wrote: > And you just opened your site up to hackers... what do you advice? Swapnil > /*Nancy*/ > Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. > King, Jr. > > ------------------------------------------------------------------------ > *From:* Swapnil Bhartiya > > I tried with the machine name of the full_format which is 2 and it > worked > > UPDATE field_data_body SET body_format = '2' > > > -- [ Drupal support list | http://lists.drupal.org/ ]