Filtering HTMLFormatted Code checkmarkup

Given that check_plain won't handle your HTML, what should you do? The answer lies in check_markup, which filters data according to the configuration of a site's Input Format system.

NOTE

Remember, input formats were discussed toward the end of Chapter 3.

The different text areas in Drupal are often accompanied by a control that lets users select the proper input format for the text. By default, users can choose from Filtered HTML or Full HTML. Of course, they can choose between those only if they have been granted the permission to use both; otherwise they just get help text about Filtered HTML.

When content has this association with a specific format, it should be filtered using that format. An example of how a contributed module might use this type of filtering comes from the S5 module:

$slides .= '<div class="slide"><h1>'. check_plain($slide[0]) ."</h1>\n". check_markup($slide[1], $node->format) .'</div>';

The ''slides'' are made by splitting apart a node on known keys and then filtering the data based on the input format selected for that node. Also note that a check_plain is used on the title of each slide to prevent unnecessary formatting inside the <hi> tag.

0 0

Post a comment