Hello. I admire the work that went into this module, and have a simple feature request for you.
One thing I think this module could borrow from the Safe HTML module (http://drupal.org/project/safehtml) is the ability to COMMIT the filtered HTML to the database, changing the actual node. Obviously this is destructive, so it should be an option in the filter settings and disabled by default, but I think it would be great for some users, like me, who (among other reasons) have authors who paste from Word and clog up the the database with junk code.
The other module accomplishes this by invoking nodeapi, so you could do something similar by doing this:
function htmlpurifier_nodeapi(&$node, $op, $teaser = NULL, $page = NULL) {
if ($op == 'submit') {
// Do whatever includes or prep work needs to be done
if ($node->body) {
// $filtered_body = whatever routine you guys run to clean it up
$node->body = $filtered_body;
}
if ($node->teaser) {
// $filtered_teaser = whatever routine you guys run to clean it up
$node->teaser = $filtered_teaser;
}
}
}
}
Obviously that's just a sketch and I don't know my ass from a hole in the ground, but you get the idea. Would be really nice. Thank you!
Comments
Comment #1
Vallenwood commentedJust realized this is probably a "normal" rather than "major" issue. It's just major for ME.
Comment #2
ezyang commentedWhen you enable this option, what happens to existing unpurified HTML in the database? What happens if you turn this option off?
Comment #3
casey commentedI created an seperate module for this feature: Sanitizable.
Comment #4
ezyang commentedClosed as WONTFIX. Thanks!