source code not save in category description

Phoca Gallery - image gallery extension
Post Reply
nickg
Phoca Member
Phoca Member
Posts: 28
Joined: 09 Jun 2010, 15:47

source code not save in category description

Post by nickg »

hello
in the description of a category I want to put this code:
<img onmouseover="this.src='images/phocagallery/australie/mord/logo_video2.png';" onmouseout="this.src='images/phocagallery/australie/mord/logo_video.png';" dir="ltr" style="margin: 10px; float: right;" src="images/phocagallery/australie/mord/logo_video.png" alt="logo video" height="108" width="113" />:

when I save it, a part of this code it is not saved : One part is removed.
<img dir = "ltr" style = "margin: 10px; float: right;" src = "images / phocagallery / australia / bites / logo_video.png" alt = "logo video" height = "108" width = "113" />
In an article in joomla I have no problem, everything is saved
In the configuration of joomla I tried several editors, TinyMCE, JCE, noWYSIWYG
In the configuration of JCE in the cleaning option is OFF
The filter text in the config for joomla, super administrator is on NO FILTER
I'am lost :x
Top
User avatar
Jan
Phoca Hero
Phoca Hero
Posts: 49149
Joined: 10 Nov 2007, 18:23
Location: Czech Republic
Contact:
Contact Jan

Re: source code not save in category description

Post by Jan »

Hi, you need to modify the XML for the form of Phoca Gallery description:

administrator\components\com_phocagallery\models\forms\phocagalleryc.xml

and change the filter for description:

Code: Select all

<field name="description" type="editor" buttons="true" hide="pagebreak,readmore" class="inputbox" label="COM_PHOCAGALLERY_FIELD_DESCRIPTION_LABEL" filter="safehtml" description="COM_PHOCAGALLERY_FIELD_DESCRIPTION_DESC" />
from safehtml to raw, etc.

Jan
If you find Phoca extensions useful, please support the project
Top
nickg
Phoca Member
Phoca Member
Posts: 28
Joined: 09 Jun 2010, 15:47

Re: source code not save in category description

Post by nickg »

Thanks Jan
I was wondering why this option (raw) was not by default in phocagalleryc.xml file ?
Top
User avatar
Jan
Phoca Hero
Phoca Hero
Posts: 49149
Joined: 10 Nov 2007, 18:23
Location: Czech Republic
Contact:
Contact Jan

Re: source code not save in category description

Post by Jan »

Hi, because of security.

Jan
If you find Phoca extensions useful, please support the project
Top
nickg
Phoca Member
Phoca Member
Posts: 28
Joined: 09 Jun 2010, 15:47

Re: source code not save in category description

Post by nickg »

hi
do I need to modifie the line after I inserted my code ?
nick
Top
User avatar
Jan
Phoca Hero
Phoca Hero
Posts: 49149
Joined: 10 Nov 2007, 18:23
Location: Czech Republic
Contact:
Contact Jan

Re: source code not save in category description

Post by Jan »

Hi, not sure what you mean for now?
If you find Phoca extensions useful, please support the project
Top
nickg
Phoca Member
Phoca Member
Posts: 28
Joined: 09 Jun 2010, 15:47

Re: source code not save in category description

Post by nickg »

Hi , you told me : "because of security."
So changed, from safehtml to raw , it's mean the code file is not safety (?)
Top
User avatar
Jan
Phoca Hero
Phoca Hero
Posts: 49149
Joined: 10 Nov 2007, 18:23
Location: Czech Republic
Contact:
Contact Jan

Re: source code not save in category description

Post by Jan »

Hi, depends on who is using your site and who have access to add content to your site, if you have some users who can add "everything" to your article -> database (article with all possible javascript) then of course this is not secure. If you are alone and you know which javascript you paste there, there is no problem (but while creating open source program, you need to count with every possible situations)

Jan
If you find Phoca extensions useful, please support the project
Top
nickg
Phoca Member
Phoca Member
Posts: 28
Joined: 09 Jun 2010, 15:47

Re: source code not save in category description

Post by nickg »

thanks a lot for your answer
Top
Post Reply

Return to “Phoca Gallery”