
#22 NagiosQL remove <> from inserted strings

3.4.1
closed
nobody
None
2023-01-09
2020-08-26
Pozda
No

Hi

If I want to change the host notes to the following string
<latlng>50.123456, 15.123456</latlng>

NagiosQL removes the leading <latlng> and trailing </latlng> and saves the notes as 50.123456, 15.123456.

Is it possible to turn off the inserted string checking?

Thanks
Pozda

Discussion

  • Martin

    Martin - 2020-08-28

    Not as an option, but inside the code. As NagiosQL is a web-based application, most data fields are secured by hardening functions to prevent SQL injection and cross-site scripting.

    The host notes field is normally not used to store "HTML like" code - therefore all tags will be removed while saving.

    What is the use case to insert tags in that field?

     
  • Pozda

    Pozda - 2020-10-13

    Unfortunately some other projects (https://github.com/jocafamaka/nagmapReborn) use these "dangerous" characters in Nagios configuration files.

    In many installations I'm the only admin with access to NagiosQL. So if there is an option in the code, it is enough for me. Where can I find it?

     
  • Martin

    Martin - 2020-10-22

    That's a bit complicated - you first have to check the field name of the notes field in the HTML code. Probably it's named "tfValue7". Then you can check the PHP file functions/prepend_content.php.

    There is a section for "Common text field value" that processes all these text fields. The filter_var for these fields is "FILTER_SANITIZE_STRING". You could change this to FILTER_UNSAFE_RAW like the "Argument" fields in the next section and the database will store it unsecured with HTML tags. But this means that all text fields in the whole application are unsafe from now on!

    The better way is to use another type for this field. You can change "tfValue7" in HTML to "tfSpValue1" if this is not just used in this HTML template. But you also have to change the variable $chkTfValue7 in the corresponding PHP file (hosts.php) to $chkTfSpValue1. In this case only the single field in the single template accepts special chars from now on.

    If "tfSpValue1" is just used, you can add an additional line in prepend_content.php for "tfSpValue2".
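
The per-field approach described in the comment above, sketched as an added example (not NagiosQL code and not from the thread's author). The field names tfValue7 and tfSpValue1 come from the thread; the prefix dispatch, the `clean_field` helper and the latlng pattern are assumptions for illustration. It pairs the raw field with a strict format check and output encoding, so the relaxed filter does not leave that field unvalidated.

```php
<?php
// Added example. Hypothetical helper, not a copy of prepend_content.php.

// Assumed strict shape for the one value the raw field is meant to carry.
const LATLNG_RE = '/^<latlng>\s*(-?\d{1,2}(?:\.\d+)?)\s*,\s*(-?\d{1,3}(?:\.\d+)?)\s*<\/latlng>$/';

function clean_field(string $name, string $value): ?string
{
    if (preg_match('/^tfValue\d+$/', $name)) {
        // Common text field: tags are stripped. strip_tags stands in for
        // FILTER_SANITIZE_STRING, which is deprecated since PHP 8.1.
        return strip_tags($value);
    }
    if (preg_match('/^tfSpValue\d+$/', $name)) {
        // Special field: taken raw, then checked against the allowlist.
        $raw = filter_var($value, FILTER_UNSAFE_RAW);
        if (!preg_match(LATLNG_RE, $raw, $m)) {
            return null; // reject anything that is not a single latlng note
        }
        if (abs((float)$m[1]) > 90 || abs((float)$m[2]) > 180) {
            return null; // coordinates out of range
        }
        return $raw;
    }
    return null; // unknown field name
}

// Constructed sample input.
$samples = [
    ['tfValue7',   '<latlng>50.123456, 15.123456</latlng>'],
    ['tfSpValue1', '<latlng>50.123456, 15.123456</latlng>'],
    ['tfSpValue1', '<latlng>50.1, 15.1</latlng><b>extra</b>'],
];

foreach ($samples as [$name, $value]) {
    $stored = clean_field($name, $value);
    // The raw field keeps its tags in storage, so every HTML page that
    // displays it has to encode it at output time.
    $shown = $stored === null
        ? '(rejected)'
        : htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
    printf("%-10s stored=%s html=%s\n", $name, var_export($stored, true), $shown);
}
```

The first sample reproduces the behaviour reported in the ticket (tags stripped, coordinates kept); the second is stored with its tags; the third is rejected because of the trailing markup.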

     
  • Martin

    Martin - 2023-01-09
    • status: open --> closed
     
