Users Can Break the Site With HTML in Comments/Posts
So a user discovered today that if they make a post with <li>...</li> tags OR with just a single <li> tag, the </li> tag seems to be removed upon processing the comment and the whole site layout obviously takes a dump. (This doesn’t seem to happen if the <li> tag is properly placed in a <ul> or <ol>.)
ALSO. A user can assign classes to their HTML elements. The same classes used by the website’s CSS, thus allowing for ridiculous formatting in their comments.
I don’t want to disallow HTML (some users utilize bold, code, etc.) and that’s fine, but I obviously would like to fix the <li> issue, and also not allow HTML elements to be assigned classes.
I have no idea where even to begin… what function to extend off of and even then what PHP to use to validate/fix?
Maybe a strip_tags before a comment is posted to remove everything except for <strong> and others, but dunno how to fix the class issue…
(Buddypress 3.2.0, using legacy theme)
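One way to get the behaviour the post asks for, as an added example that is not part of the original post and not BuddyPress's own code: an allowlist passed to WordPress's wp_kses(), followed by force_balance_tags(). The `my_` function names are hypothetical, and the two hooks at the bottom assume the content is saved as a BuddyPress activity item or a WordPress comment; the code is meant to be loaded inside WordPress (a small plugin or the theme's functions.php).

```php
<?php
/**
 * Added example, not BuddyPress code. Functions prefixed my_ are hypothetical;
 * wp_kses(), force_balance_tags() and add_filter() are WordPress core.
 */

// Allowlist in wp_kses() format: tag => permitted attributes.
// No entry lists 'class', 'id' or 'style', so those attributes are dropped.
// li, ul and ol are left out on purpose: a stray <li> is then stripped and
// only its text remains, so it cannot interfere with the theme's own list.
function my_user_html_allowed_tags() {
	return array(
		'strong'     => array(),
		'b'          => array(),
		'em'         => array(),
		'i'          => array(),
		'code'       => array(),
		'pre'        => array(),
		'blockquote' => array(),
		'a'          => array(
			'href'  => true,
			'title' => true,
		),
	);
}

function my_sanitize_user_html( $content ) {
	// 1. Remove every tag and attribute that is not on the allowlist.
	$content = wp_kses( $content, my_user_html_allowed_tags() );

	// 2. Close any allowed tag the user left open (e.g. "<strong>bold")
	//    so the unclosed element cannot swallow the markup that follows.
	return force_balance_tags( $content );
}

// Assumption: activity content. BuddyPress passes its activity allowlist
// through this filter before calling wp_kses(); returning our array
// replaces the default list.
add_filter( 'bp_activity_allowed_tags', 'my_user_html_allowed_tags' );

// Assumption: regular WordPress comments. Runs before the comment is saved.
add_filter( 'pre_comment_content', 'my_sanitize_user_html', 20 );
```

strip_tags() with an allowed-tags argument would keep <strong> but leaves every attribute on the kept tags in place, which is why the allowlist above is applied with wp_kses() instead.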