Modifying the Basic Rich Text Editor

This topic is locked

Modifying the Basic Rich Text Editor	3/8/2011 9:35:17 AM
PHPRunner Tips and Tricks
H horsey_kim author Sometimes you want to limit users on what features they can input. In my case I only wanted to allow my users to add returns, bold, italic and underline. Then their input did not effect the font face or size on my report pages. If your interested in limiting some of the features for the BASIC Rich Text Editor, then you need to refer to the developer's webpage http://www.kevinroth.com/rte/usage.htm. On this page you will find at the bottom a table showing all the features you can turn off and on. After you figure out what you want to turn off, you will need to edit the rte.php file in the output directory of your php runner project directory. I suggest after you change the file, that you create a back up of that same file (I called mine: rte_bu.php). This way if you do a full rebuild and it alters the change file, you can easily get the code you changed from your back up file. Caution: I do NOT recommend changing the rte.php file in the actual program directory, because you might not want this change for every project you build. This will alter all fields in your project that uses the Basic Rich Text Editor feature. Below is part of the code you need to find in rte.php file: ---- Original code ----- echo "rte.html = '"; if($data) echo jsreplace($data[$field]); echo "';"; echo "rte.build();}"; ----- modified code to show my changes -----*(Changes in red) echo "rte.html = '"; if($data) echo jsreplace($data[$field]); echo "';"; echo "rte.toolbar1 = false;"; echo "rte.toolbar2 = false;"; echo "rte.toggleSrc = false;"; echo "rte.cmdFormatBlock = false;"; echo "rte.build();}"; --------------------- Note that I put the code above the echo "rte.build();}";* code. Also note that the code they suggest on the developers page is placed inside an echo. The changes I made to the code above was turning both toolbars off, not allow source view and no format allowed. Hope this helps <img src='https://asprunner.com/forums/file.php?topicimage=1&fieldname=question&id=16603&image=1&table=forumtopics' class='bbc_emoticon' alt=':)' /> Kim

Mark as Solved Mark as not solved

3 replies


T	tedwilder 3/18/2011
	_


H	horsey_kim author 3/28/2011
	Hello are you aware of security problem with this rich text field? Is it sure It wont interpret any script tag, javascript or anything? Youtube hack and lots of well known website have been hacked because it was possible to pass command inside such box. In phprunner , are all characters user enter escaped and all? any advise on how to forbid things like " > < % " etc.? thank you. If you look at the documentation at this webpage: http://www.kevinroth.com/rte/usage.htm, there is a table at the bottom that shows you code that allows you to turn off different things. In the case your talking about, you might want to turn off the special characters or turn off allowable links. Example the below disables special characters: rte.cmdInsertSpecialChars = false; Here is an idea: This is one that I am using. I am building a new equine network. People can add bold and underline to their listings. I have an approval field for their listings and for their membership. If the person proves to be honest then I switch their membership approval to yes. Then when they put in ads it notes that they are approved and will auto approve all their ads. But if they are new, then they can add ads, they can see their own ads, but they don't go live until I make sure they are posting appropriate information and approve them. I got tired of the spammers who run all those silly ads for "work part time and make big bucks" or the "adult posters". This will save the integrity of my site. Unfortunately it does put an extra step in for me to approve ads everyday, but I would rather spend 10 minutes approving a bunch of ads then have a site that has trash value.


H	horsey_kim author 4/18/2012
	HOW ABOUT HAVING AN OPTION? I have the need for the rich text editor to have some features on one page and then on another page I want them limited. So this is what I came up with. In the rte.php file I have created if statements for the features I want on or off. ---- Original code ----- echo "rte.html = '"; if($data) echo jsreplace($data[$field]); echo "';"; echo "rte.build();}"; ----- modified code to show my changes -----(Changes in red) echo "rte.html = '"; if($data) echo jsreplace($data[$field]); echo "';"; =="1"){ echo "rte.toolbar1 = false;"; echo "rte.cmdInsertImage = false;"; echo "rte.cmdInsertHorizontalRule = false;"; echo "rte.cmdInsertOrderedList = false;"; echo "rte.cmdInsertUnorderedList = false;"; echo "rte.cmdInsertTable = false;"; echo "rte.cmdInsertHorizontalRule = false;"; echo "rte.cmdInsertLink = false;"; echo "rte.cmdSpecialChars = false;"; echo "rte.cmdUnlink = false;"; echo "rte.cmdOutdent = false;"; echo "rte.cmdIndent = false;"; echo "rte.toggleSrc = false;"; } if($_SESSION["rte"]=="2"){ echo "rte.toolbar1 = true;"; echo "rte.toolbar2 = true;"; } echo "rte.build();}"; -------end code---------- Finally, I then go to the list, add, or edit screen's event page in phprunner, where I want to use rich text editor. I create an event in the BEFORE DISPLAY, for that page and add in one of the lines below, depending on what features I want my rich text editor I want to use. $_SESSION["rte"]="1"; or $_SESSION["rte"]="2"; By using if statements in the rte.php file, I am not limiting myself to one way. Just remember by using the $_SESSION that it is going to remember what ever setting you gave it during that session. So if you have other pages that you want to use Rich Text Editor the normal way without features you need to clear the SESSION. Hope that helps, Kim

3 replies

Mark as Solved Reply