Suspecting beta release very very soon!

[SamG]

Isn't allowing html in posts generally considered a security risk ?

Not really, in phpBB2, you have a config field that allows only the HTML that you want allowed on your forum. For instance, tables and div tags are pretty much harmless.

The risk being taken in "harmless" tags is in the attributes, particularly the event handlers.

[Timmer]

It's not creepy if it's not finished.

I think you just said the opposite of what you meant. That's a double negative.

Your statement equates to: "It's creepy if it's finished."

[ElbertF]

It's not a double negative.. If it's not creepy when it's not finished, it doesn't mean it is creepy when it is

[SHS`]

It's not a double negative.. If it's not creepy when it's not finished, it doesn't mean it is creepy when it is

Whilst that is true in the Queen's English, who knows when it's American English... how many times have you seen "I could care less", when in the Queen's English it should be "I couldn't care less".

[Yoda_IRC]

If it's not creepy when it's not finished, it doesn't mean it is creepy when it is

true, or in mathematical notation
a =>b does not mean !a => !b
however a =>b does mean !b => !a

[ElbertF]

Whilst that is true in the Queen's English, who knows when it's American English... how many times have you seen "I could care less", when in the Queen's English it should be "I couldn't care less".

How about "There ain't no way"

[NNO-Stephen]

The BBcode seems diverse enough that html wouldnt be needed. I dont see if used very often either... might be good for the admin though. It does cut down on parsing time by taking it out too, instead of finding what is allowed.

that's just it though, if your site for instance, reads out of the phpBB database for something and it doesn't use the BBCode parser at all, then it can interpret HTML as HTML, and display it as such, whereas BBCode would be displayed as just text.

thats the problem, not the inability to display certain things because BBCode doesn't support it that's always been fixable anyway and it's finally going to become really supported with Olympus which I'm very glad about, but the example above is why I'd prefer we still have the ability to define HTML in the ACP, at least in a limited fashion.

and it's only a security risk if the board admin is a friggin' idiot and enables script and object and a ton of other *beep* like that which people shouldn't need under any circumstances.

[EXreaction]

Whilst that is true in the Queen's English, who knows when it's American English... how many times have you seen "I could care less", when in the Queen's English it should be "I couldn't care less".

Ya, and when someone says "All but..."

Like "He is all but dead"...shouldn't that mean that is is everything except dead? Not over here...it means he is dead.

[dhn]

and it's only a security risk if the board admin is a friggin' idiot and enables script and object and a ton of other *beep* like that which people shouldn't need under any circumstances.

You just described 95% of the board admins out there.

[robertmf]

and it's only a security risk if the board admin is a friggin' idiot and enables script and object and a ton of other *beep* like that which people shouldn't need under any circumstances.

You just described 95% of the board admins out there.

... and the other 5% are liars !!-