How do I let user insert HTML, but not other stuff
Moderator: General Moderators
How do I let user insert HTML, but not other stuff
I have a news module that uses tinymce as a wysiwyg editor. I want my app to allow html formatting from this editor, but not javascript or sql. What do you guys do for this type of thing?