I am using the IPE and an unobtrusive approach[1] to allow admins to
edit individual elements of a page. Back end is PHP/MySQL, although I
realize that's not critical. Everything works perfectly so far, except
for this:
If I invoke the editor and add some text that includes raw HTML, the
HTML is saved in the database on the first pass. If I subsequently open
that element again for editing, the HTML tag is missing. I am testing
with a pair of <code></code> tags around a single word.
My main question is this: Where would I go looking for tags to be
stripped in this scenario?
Here's what I've done:
I have confirmed that my loadTextURL handler is returning the raw
database text through htmlentities(), to convert all illegal
characters, as you would for any form element's default value.
I have triple-checked that the database entry contains the actual code
after the first load/save through IPE.
I have tried commenting out the call to stripTags() in line 655 of
controls.js.
After that last part, I even opened another browser and forced the
reload, etc, just to be sure I wasn't dealing with cached JS.
Are there any other hidden code-munchers that I'm not catching?
Thanks in advance,
Walter
1. var rightClick = function(e){
var field = this.id;
var tall = Math.ceil(Element.getHeight(this)/24);
tall = (tall > 30)? 30 : tall;
Event.stop(e);
var editListing = new Ajax.InPlaceEditor(field, "ajax_update.php", {
rows:tall,cols:50,
onComplete: function(transport, element) {
new Effect.Highlight(element, {
startcolor: this.options.highlightcolor
});
editListing.dispose();
},
loadTextURL: "get_raw.php?id=<?= $id ?>&class=<?= $class
?>&field=" +
field,
ajaxOptions: {
method: "post"
},
callback: function(form, value) {
return "id=<?= $id ?>&class=<?= $class ?>&field=" +
field +
"&myparam=" + encodeURIComponent(value)
}
});
if(editListing) editListing.enterEditMode('click');
};
var editThis = function(){
//alert('boo');
Event.observe('title','contextmenu',rightClick);
Event.observe('intro','contextmenu',rightClick);
Event.observe('body_text','contextmenu',rightClick);
};
Event.observe(window,'load',editThis);
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Spinoffs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---
