Categories > TinyButStrong general >

htmlconv=no weakness ?

The forum is closed. Please use Stack Overflow for submitting new questions. Use tags: tinybutstrong , opentbs
By: Jurvillier
Date: 2010-06-17
Time: 15:49

htmlconv=no weakness ?

I use TBS 3.5.3,  PHP Version 5.2.6, and old Quick_Form,

then I use :
$form_str = $from->toHtml();
and in the template :
[onshow.form_str;htmlconv=no;noerr]
An error occurs, because (all)  '[' are converted to [ in javascript created  functions (by quick_form)
( but  ']'  are corrects )
example :
return ary[key];
in place of :
return ary[key];
When not using htmlconv=no, the script is visible in my html page, and '[' are corrects.
By: Skrol29
Date: 2010-06-17
Time: 20:57

Re: htmlconv=no weakness ?

Hi Jurvillier,

This is a security behavior.
See more details and how to workaround here:
  http://www.tinybutstrong.com/support.php#faq_protect
By: Jurvillier
Date: 2010-06-18
Time: 09:35

Re: htmlconv=no weakness ?

Waouh !
not a weakness, a strongness !
tinybuttoostrong
thanks