Sod input formats, it's ok for me

Submitted by AjK on 12 December 2008 - 1:55pm

Today this arrived on my desk...

  1. $node->format = 2; // Allow for HTML in Node

This snippet was from code that was about to create a new node. The body of this node came in via an external XML/RSS feed.

OK buddy, you may trust this source but can you expect everyone you are going to share your module with should inherit your implict trust?

In fact, I saw this in two CVS applications today. Both declined (for more than just this).


»
»