CHtmlPurifier to purify TinyMCE output

I would like to implement CHtmlPurifier on all pages that have TinyMCE with the default config on input. Can anyone tell me which is the best way to attach this feature (as a behavior, as an extension to TinyMCE, as an event …)?

AFAIK, TinyMCE already does this - so no need to do it again.

Thanks Jacmoe… Do you have any code snippet that you would like to share to implement this functionality?

jacmoe, it does nothing: turn off JavaScript and you will get XSS.

Read the documentation:

http://www.yiiframework.com/doc/api/1.1/CHtmlPurifier

You can use it as a filter.

Thank you.

Heh - I am actually doing this myself by means of a simple behavior:


<?php

// Purifies the configured attributes with CHtmlPurifier before each save.
class CSafeContentBehavior extends CActiveRecordBehavior
{
    // Names of the owner's attributes to purify.
    public $attributes = array();

    protected $purifier;

    function __construct()
    {
        $this->purifier = new CHtmlPurifier;
    }

    public function beforeSave($event)
    {
        foreach ($this->attributes as $attribute) {
            $this->getOwner()->{$attribute} = $this->purifier->purify($this->getOwner()->{$attribute});
        }
    }
}



Then in my model(s):


    public function behaviors()
    {
        return array(
            'CSafeContentBehavior' => array(
                'class' => 'application.models.behaviors.CSafeContentBehavior',
                // Attributes that receive editor output.
                'attributes' => array('content', 'intro', 'title'),
            ),
        );
    }



It is so transparent that I forgot that I used it! :lol:

Thanks a bunch, Jacmoe. This is exactly what I am looking for.

Don't reinvent the wheel when you don't need to; this is what a framework is all about…

You have a filter, a good one. You don't need to create a behavior for this. You can, but it is a waste of time.

Do you refer to this?

array('text','filter','filter'=>array($obj=new CHtmlPurifier(),'purify')),
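The validation-rule form quoted above, written out in a full model as an added example (not code from any poster in this thread). The `Post` model, its table name and the `HTML.Allowed` whitelist are assumptions; the attribute names are the ones used in the behavior earlier in the thread.

```php
<?php
// Added example: server-side purification of editor fields through rules().
// Assumed names: Post, the 'post' table, and the whitelist below.
class Post extends CActiveRecord
{
    public static function model($className = __CLASS__)
    {
        return parent::model($className);
    }

    public function tableName()
    {
        return 'post'; // assumed table name
    }

    // Build a purifier limited to the markup the editor is expected to produce.
    protected function richTextPurifier()
    {
        $purifier = new CHtmlPurifier();
        $purifier->options = array(
            // Assumed whitelist: elements and attributes not listed are removed.
            'HTML.Allowed' => 'p,br,strong,em,ul,ol,li,blockquote,a[href|title]',
            // Only these URL schemes survive in href values.
            'URI.AllowedSchemes' => array('http' => true, 'https' => true, 'mailto' => true),
        );
        return $purifier;
    }

    public function rules()
    {
        return array(
            // Filter first: input made up only of removed markup becomes empty
            // and is then rejected by the 'required' rule below.
            array('content, intro, title', 'filter',
                'filter' => array($this->richTextPurifier(), 'purify')),
            array('title, content', 'required'),
        );
    }
}
```

A rule only runs when validation runs, so `save(false)` skips it; the `beforeSave` behavior shown earlier in the thread runs on every save.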

I think dckurushin means




class PostController extends CController
{
    ......

    public function filters()
    {
        return array(
            'postOnly + edit, create',
            array(
                'application.filters.PerformanceFilter - edit, create',
                'unit'=>'second',
            ),
        );
    }
}



:rolleyes: