| Viewing Single Post From: Add Bbc | |
|---|---|
| choco | Dec 24 2007, 01:18 PM |
|
SPORE
  ![]](http://209.85.62.24/static/1/pip_r.png)
|
It's a good code and a great idea, but it's terribly insecure. For example, if I added a bbcode for <color>, I could do this in a topic title: [color="red" onclick="window.location.href='http://MYBOARD.COM'] (or whatever) And if the topic title is clicked, you're on your way to my board. You may want to add extra matching; either that or don't 'bbcodify' titles with text like 'onclick' in them and so on. Edited by choco, Dec 24 2007, 01:19 PM.
|
 |
|
| Add Bbc · User Created Codes | |
- Home ·
- Documentation ·
- Directory ·
- Planet
12:36 PM Dec 8
