Hi, the crowd
[code:1] this is just an example[/code:1]
In this last line, you where supposed to see:
[code:1] ‹a href="nowhere"›this is just an example‹/a›[/code:1]
Somebody, paranoid, i suppose, and bad understanding XSS, had suppressed somewhere the &-l-t-; opening and &-g-t-; closing tags, both in write and read.
As the bbcode and smileclass are specially dirty, and because $_REQUEST["message"] is used by joomla too:-( it can be everywhere.
So, i have made a quick and dirty hack for that, if some dev is interested.
{edit} Please, if you do not agree that a html special character is without any danger, instead of replacing yavascript with _yavascript_ witch no one can use in copy/paste, better do
script -› ‹span›s‹/span›cript
... !
All that incredible code can be replaced with 4 lines !
BTW: i have no answer to my proposal to collaborate to the developpement of fireboard.
No dev reading this board ?
[file name=code-18da55280dc2cb2507f130f59d5d4fe0.txt size=1549]http://www.bestofjoomla.com/images/fbfiles/files/code-18da55280dc2cb2507f130f59d5d4fe0.txt[/file]
