scriptygoddessWorried about people posting malicious code in your comments, but still want the functionality of HTML enabled comments?? You might want to check out the MT Sanitize Plugin. It "allows you to clean HTML and other markup that might exist in an comment entry." It will let you list the acceptable HTML that you allow in your comments, and then it filters out the rest. Smart!
To run MT Plugins, you need to be using MT2.21 or higher.
4 Responses to "sanitize plugin"
2 | Mariann
I added that plug-in yesterday after I saw it on your LoveLinks blog… I never thought about malicious code in the comments, but I do recall some experiences where code had been added and never showed up the email notification so I didn't realize there was code in the comments until I saw it on the actual comment page. I'm very grateful for this plug-in, even if my comment scale is fairly low — better to be prepared than regretful later on!
3 | Jennifer
Very neat! EXTREMELY easy install!!
One of the things I like about it – is it doesn't actually remove those tags from the comment itself – it just won't write it to your page. So, in the examle that's often seen here – people putting PHP code in and forgetting to "ascii-ize" it – it just makes it so the pages doesn't break – but I can still go on change the appropriate characters to ascii and make it so the code shows…
4 | Quadsk8
Just to let you know about an alternative, at the same time Brad Chaote wrote this plugin L.M.Orchard had the same idea and wrote this 0decafbad MTCleanHTMLPlugin.
I only installed the last one and thinks it works good!
Categories
- Admin-type scripts (4)
- Announcements (81)
- babble (1)
- Basics (1)
- bookmarklets (2)
- Bookmarks (351)
- Color Tool Bookmarks (15)
- CSS related (13)
- FireFox Extension Bookmarks (5)
- Javascript Related (2)
- PHP Related (2)
- Call for help (6)
- complaint department (2)
- CSS (31)
- cubecart (3)
- Flash (2)
- hosting (1)
- bluehost (1)
- How to's (52)
- htaccess tricks (1)
- HTML (2)
- Internet Explorer (1)
- Javascript (19)
- jquery (8)
- Joomla (1)
- Lessons learned (66)
- Movable Type (57)
- MT hacks (52)
- MT Plugins (2)
- MT scripts (1)
- MT Tips n Tricks (2)
- mySQL (3)
- Outlook (1)
- Photoshop Tutorial (3)
- PHP (9)
- pMachine (4)
- product review (5)
- Projects (10)
- Regular Expressions (1)
- Scripts (117)
- Script snippet (35)
- SEO (1)
- shopping cart (3)
- Suggested reading (11)
- Video (1)
- WordPress (127)
- WordPress Bookmarks (18)
- WordPress Bookmarks to Plugins (31)
- WordPress Hacks (29)
- WordPress my-hacks additions (5)
- WordPress Plugins (20)
- WordPress scripts (6)
- WordPress: Lessons Learned (26)
Featured Sponsors
Search
- SEO Advice (from a non-expert!)
- Disappearing absolute positioned elements in IE7
- WordPress Objects
- Embed a vimeo video using swfobject and setting the audio to mute
- HTML Basics (linking an image)
- Moving from Typepad to WordPress
- evo 11 Conference
- The mysteriously disappearing WordPress 3.1 Admin Bar
- launch all external links in a new window with jQuery
- WordPress Pagination Woes (solved? I hope?)
- Scott: Just moved changed the site URL as WP's installed in a subfolder. Cookie clearance worked for me. Thanks!
- Stephen Lareau: Hi great blog thanks. Just thought I would add that it helps to put target = like this:1-800-555-1212 and
- Cord Blomquist: Jennifer, you may want to check out tp2wp.com, a new service my company just launched that converts TypePad and Movable Type export files into WordPre
About
- Need some help? You can hire me.
- My personal blog: The Working Mom
- Follow me on twitter