I’m a bit of a newbie with wordpress, and I was playing around with the layout and css to get the look I wanted, after some testing I noticed that on the comments its says that HTML is allowed and there are certain tags you can use.
I’ve customised the comments textarea bit so that it limits you to entering 200 characters, but I’d like to know if its possible to prevent ALL html, including UBB codes.
If so, how does one do this? I’m concerned that people can put in any old junk into my comments, and I want to restrict formatting as much as possible, perhaps even to the extent where the comments will only accept certain characters, like this;
How does one achieve this?
On a side-note, I noticed the search box uses GET rather than POST, why is this and is it safe to do this? Does W/P take any precautions with the GET-ed data (such as anti XSS-stuff)
Thank you very much for your help!
- The topic ‘Prevent HTML in Comments’ is closed to new replies.