You are not logged in. Please login or register.
PunBB Forums → PunBB 1.2 discussion → PunBB 1.2 - What's to come
The bad news is that there is no way to prevent users from entering crud and breaking validation. Just enter some rubbish xhtml between code tags and the validator will choke. It doesn't know the difference between application markup and content. The same goes for malformed xhtml in the announcement box.
Just enter some rubbish xhtml between code tags and the validator will choke.
How so? Since the content between code tags is still escaped with entities, there's no way to actually write malformed xhtml, is there? (i.e. <bad> => <bad>)
I've had the same thing happen on my blog.
It's set to XHTML 1.0 Strict and I've had posts break validation. It's the old copy paste syndrome, I copy text from another site to include on my front page, which is just the song lyric of the day.
What I've had to do is copy/paste to my editor then copy/paste to my posts. Strange but it happens from time to time.
Yes, as far as I can see angle brackets are escaped to their entity equivalent, so it's safe from that problem (same applied to escaping ampersands and so on)
I don't know if it's the cleanest solution (unlikely: regexps generally give me nightmares 
), but the BBCode parser could be altered to include the various cases of bad nesting of tags.
I'm thinking something like:
$pattern = array(
'#\[b\]\[i\](.*?)\[/b\]\[/i\]#is',
'#\[i\]\[b\](.*?)\[/i\]\[/b\]#is',
...);
$replace = array(
'<strong><em>$1</em></strong>',
'<strong><em>$1</em></strong>',
...);However, as there are quite a lot of tags and thus many possible malformed patterns, I can't see it as the most manageable solution. I guess it needs a regexp that will only perform the parsing if it finds an opening and closing tag of the same type and not a tag of another type in between, if that makes sense.
Intesting. I am going to have to do some tests. I'm sure that I managed to kill validation by posting xhtml between the code tags. I just can't remember what it was that I posted. In fact I think it was a chunk of php which I post with xhtml embedded within it. I just wish I could remember what it was.
you can kill validation with a dodgy character anyway can't you?
Penfold: The problem with that solution is that it adds quite a lot of overhead for something that is rather trivial. You can still break validation by posting a "dodgy character" like Connorhd said (i.e. a non-iso-8859-1 character in a iso-8859-1 forum). There's just no way to prevent that from the server side.
however, the site being made invalid because of posts doesn't matter too much as long as it shows correctly in browsers and without those posts would be valid i don't think its really a problem...
It's not a problem provided you dont display the w3c button. If you do some uber geek is going to haul you over the coals. I think the best any cms system can do is advertise itself as being valid XHTML 1.0 Strict "out of the box".
How long before you can release a beta version with everything in it? (I know, yet another question about this, but those groups would be great to have on my homepage now!). Is it weeks, a month or several months until the "full beta version"?
lol beta doen't mean finished you know, you should wait till its all been tested until you use it 
lol beta doen't mean finished you know, you should wait till its all been tested until you use it
yeah, but there is a version of the forum out now that isn't rdy. I guess you can call that beta and development source. What I meant was a beta version with everything in it. It's not a final version since it hasn't been tested, so it's still a beta version...
yes but the beta version may have bugs mark36ph no need to quote yourself 10 minutes later don't be such a jerk its not out and no one knows when it will be out rickard does have a job etc so this is something extra he does... therefore he can't spend all of his time working on punbb however much we would all like that.
Penfold: The problem with that solution is that it adds quite a lot of overhead for something that is rather trivial. You can still break validation by posting a "dodgy character" like Connorhd said (i.e. a non-iso-8859-1 character in a iso-8859-1 forum). There's just no way to prevent that from the server side.
My concern was just that, as far as I'm aware, a character not in the document's character encoding will just be ignored by an XML parser (replaced with a ? and so on), whereas malformed HTML will halt the parser completely and display an XML rendering error-page, as it's considered a fatal error.
I do appreciate the extra processing that would be required, but I'm in two minds whether it can be considered a trivial issue. It would be great future proofing, if and when people want to switch to using xhtml 1.1+ (which must be sent as xhtml) . Though when IE will get proper xhtml support is probably quite far in the future, so it's not too pressing an issue.
It's not something I'm too concerned about, however, and as it's still safe to send it as text/html it's certainly not going to stop me wanting to use PunBB over the other boards 
.
I think the best any cms system can do is advertise itself as being valid XHTML 1.0 Strict "out of the box".
Sure, I think that's the best position one can be in - especially for PunBB's aim of being fast and lightweight .
but its not a problem as it doesn't allow malformed bbcode anymore it just doesn't correct it automatically
From a validation point of view the biggest problem isn't going to be end users, it's admins writting rubbish in the announcement box which will break validation on every single page.
If all hell doesn't break loose, expect the beta tonight.
but its not a problem as it doesn't allow malformed bbcode anymore it just doesn't correct it automatically
That's not entirely true. It does validate the code and quote tags, but you can still nest e.g. [b] and [i] incorrectly.
No beta tonight. I'm just too tired. Tomorrow on the other hand ...
very nice work with de punbb 1.2 beta
Will the Punbb1.2 be released before Xmas or New Year ?
PunBB Forums → PunBB 1.2 discussion → PunBB 1.2 - What's to come
Powered by PunBB, supported by Informer Technologies, Inc.
