[development] valid_input_data no more available on 4.6.4

Nathan Vack njvack at wisc.edu
Thu Dec 8 21:00:49 UTC 2005

On Dec 8, 2005, at 2:09 PM, Fabio Varesano wrote:

> I think that input checking on the css field is
> needed...
> This is how I'm using the valid_input_data :
> function css_nodeapi(&$node, $op, $teaser, $page) {
> ....
> case 'validate':
>       if (variable_get('css_'. $node->type, TRUE) || 	
> !user_access('create css for nodes')) {
>         if (!valid_input_data($node->css_css)) {
>           drupal_access_denied();
>         }
>       }
> How do you guys think I have to implement a input check?

You could use an HTTP library and send it through the w3c CSS  


That would ensure the CSS is well-formed. You could even  
conditionally warn about valid but poor CSS practice (setting  
background-color without setting color, for example).

Also -- that's probably a different error case than user_access();  
I'm guessing you'd want to return a "Hey, your CSS isn't valid"  
instead of "Access denied"...


More information about the development mailing list