I am using the IPE and an unobtrusive approach[1] to allow admins to
edit individual elements of a page. Back end is PHP/MySQL, although I
realize that''s not critical. Everything works perfectly so far, except
for this:
If I invoke the editor and add some text that includes raw HTML, the
HTML is saved in the database on the first pass. If I subsequently open
that element again for editing, the HTML tag is missing. I am testing
with a pair of <code></code> tags around a single word.
My main question is this: Where would I go looking for tags to be
stripped in this scenario?
Here''s what I''ve done:
I have confirmed that my loadTextURL handler is returning the raw
database text through htmlentities(), to convert all illegal
characters, as you would for any form element''s default value.
I have triple-checked that the database entry contains the actual code
after the first load/save through IPE.
I have tried commenting out the call to stripTags() in line 655 of
controls.js.
After that last part, I even opened another browser and forced the
reload, etc, just to be sure I wasn''t dealing with cached JS.
Are there any other hidden code-munchers that I''m not catching?
Thanks in advance,
Walter
1. var rightClick = function(e){
var field = this.id;
var tall = Math.ceil(Element.getHeight(this)/24);
tall = (tall > 30)? 30 : tall;
Event.stop(e);
var editListing = new Ajax.InPlaceEditor(field, "ajax_update.php", {
rows:tall,cols:50,
onComplete: function(transport, element) {
new Effect.Highlight(element, {
startcolor: this.options.highlightcolor
});
editListing.dispose();
},
loadTextURL: "get_raw.php?id=<?= $id ?>&class=<?= $class
?>&field=" +
field,
ajaxOptions: {
method: "post"
},
callback: function(form, value) {
return "id=<?= $id ?>&class=<?= $class
?>&field=" + field +
"&myparam=" + encodeURIComponent(value)
}
});
if(editListing) editListing.enterEditMode(''click'');
};
var editThis = function(){
//alert(''boo'');
Event.observe(''title'',''contextmenu'',rightClick);
Event.observe(''intro'',''contextmenu'',rightClick);
Event.observe(''body_text'',''contextmenu'',rightClick);
};
Event.observe(window,''load'',editThis);
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---