开发者

joomla displaying html within the content

I have a joomla isntallation which displays some articles normally but when i added an article with a youtube video, the WYSIWYG editor converted the special characters in the embed code to html entities. We开发者_开发问答ll, i'm assuming its the editor since it doesn't happen when i don't use it.

The problem after is that if i go to the article, i see the embed code for the flash player, instead of the flash player being rendered.

I'm using joomla 1.5 with a php 5 install. I thought joomla used html_entity_decode () on content by default? Does anyone know why this is happening and can guide me to which file or template file i'd need to use the function on please and thanks.


Almost joomla editors strip HTML ,css,JS from the content

so you can disable clean HTML in your editor settings or

its better to use any plugin to embed the youtube code (there are a lot )

use this plugin to embed videos from almost any provider (youtube , vimeo , metacafe etc.)

http://extensions.joomla.org/extensions/multimedia/video-players-a-gallery/812


You'll have to embed your code snippet in the HTML source that's generated by the editor. Most WYSIWYG editors have a button that allows you to see the HTML directly; click on that and you should be able to paste in your embed code.

There might be some settings that you'll have to change for this to work completely, however. It's been a while since I've fought with this, but you might need to go to the TinyMCE Plugin (in the Plugin Manager) and set "Code Cleanup on Save" to "Never." There's also a filter for allowed HTML tags in the Article Manager parameters section, so you might have to adjust the blacklist there as well.


As you have gathered the editor is killing your code. There are 2 reasons for this -

  1. If you insert code it is easy to have badly formed code that will break something downstream on the page. Leaving out a single will kill a page.
  2. For security reasons. You don't want people being able to insert nefarious code from the editor. In general, it's a good idea to clean any input from a user to prevent all kinds of attacks.

It is recommended that you use a plugin for this type of thing because it gives you more control over the users input. It guarantees that the code used to embed the video will be correct every time and that no additional code is being inserted since all of the heavy lifting is handled by the plugin. The additional processing time of a well written plugin is minimal and you will not see any noticeable difference in site performance unless your site gets millions of page views.

If you really want to do it through the editor, there is a trick to it. Not only do you have to insert the code in the HTML view of the editor, but you have to save the article while still in the code view. The HTML view state of the editor is usually persistent so you need to be sure you are in HTML view before you go back in to an article that you have inserted code in, otherwise simply opening the article will mess up the code you inserted.

Last, there are some extensions that allow you to insert code directly in to the editor. I am not a fan of those because they do pose a security risk.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜