
PHP Cross Reference of Drupal 6 (yi-drupal)


/sites/all/modules/ckeditor/includes/ -> ckeditor.page.inc (source)

   1  <?php
   2  /**
   3   * CKEditor - The text editor for the Internet - http://ckeditor.com
   4   * Copyright (c) 2003-2012, CKSource - Frederico Knabben. All rights reserved.
   5   *
   6   * == BEGIN LICENSE ==
   7   *
   8   * Licensed under the terms of any of the following licenses of your
   9   * choice:
  10   *
  11   *  - GNU General Public License Version 2 or later (the "GPL")
  12   *    http://www.gnu.org/licenses/gpl.html
  13   *
  14   *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
  15   *    http://www.gnu.org/licenses/lgpl.html
  16   *
  17   *  - Mozilla Public License Version 1.1 or later (the "MPL")
  18   *    http://www.mozilla.org/MPL/MPL-1.1.html
  19   *
  20   * == END LICENSE ==
  21   *
  22   * @file
  23   * CKEditor Module for Drupal 6.x
  24   *
  25   * This module allows Drupal to replace textarea fields with CKEditor.
  26   *
  27   * CKEditor is an online rich text editor that can be embedded inside web pages.
  28   * It is a WYSIWYG (What You See Is What You Get) editor which means that the
  29   * text edited in it looks as similar as possible to the results end users will
  30   * see after the document gets published. It brings to the Web popular editing
  31   * features found in desktop word processors such as Microsoft Word and
  32   * OpenOffice.org Writer. CKEditor is truly lightweight and does not require any
  33   * kind of installation on the client computer.
  34   */
  35  
/**
 * Builds the help text for the CKEditor administration and help pages.
 *
 * Selects an HTML fragment by exact match on $path; a path that matches no
 * case yields an empty string. Presumably the module's hook_help()
 * implementation delegates here - confirm in ckeditor.module.
 *
 * Placeholder handling matters for output safety: Drupal 6's t() substitutes
 * '!' placeholders without escaping, while '%' placeholders are escaped and
 * emphasised. Every '!' value in this function is assembled from string
 * literals, l() output or drupal_get_path(), never from request data; keep it
 * that way when adding text.
 *
 * @param $path
 *   The help path to look up, e.g. 'admin/help#ckeditor'.
 * @param $arg
 *   Not used by this function.
 *
 * @return
 *   The HTML help text for $path, or '' when there is none.
 */
function ckeditor_help_delegate($path, $arg) {
  switch ($path) {
    // One-line module description.
    case 'admin/settings/help#description':
      $output = t('Enables the use of CKEditor (a rich text WYSIWYG editor) instead of plain text fields.');
      break;

    // Profile add/edit forms: where the configuration files live.
    case 'admin/settings/ckeditor/edit/%':
    case 'admin/settings/ckeditor/add':
      $output = '<p>'. t('CKEditor is highly configurable. The most commonly used features are listed below. You can also adjust CKEditor to your needs by changing the !ckeditor_module_config configuration file.',
        array(
          '!ckeditor_module_config' => '<code>' . drupal_get_path('module', 'ckeditor') .'/ckeditor.config.js</code>',
        )) .
      // NOTE(review): the next two fragments emit '</p><p>' followed by a second
      // '<p>', so the output contains an empty paragraph before this text.
      '</p><p>' .
      '<p>' .
      t('It is recommended to not edit the !ckeditor_config_file (!ckeditor_config_path) configuration file that is distributed with CKEditor, because you may overwrite it accidentally when you update the editor.',
        array(
          '!ckeditor_config_path' => '<code>' . drupal_get_path('module', 'ckeditor') .'/ckeditor/config.js</code>',
          '!ckeditor_config_file' => '<code>config.js</code>',
        )) .'</p>';
      break;

    // Global Profile form.
    case 'admin/settings/ckeditor/editg':
    // NOTE(review): 'admin/settings/ckeditor/add' is already handled by the case
    // above, so this second label can never match. The path of the global
    // profile "add" form was probably intended - confirm against the menu
    // definitions before changing it.
    case 'admin/settings/ckeditor/add':
      $output = '<p>' . t('The Global Profile allows you to define settings that are common for all profiles. Values defined in other profiles will be appended to the global configuration. This way you can avoid repeating some of the settings that are usually the same for each profile.') . '</p>';
      break;

    // Profile overview page.
    case 'admin/settings/ckeditor':
      $output =
        '<p>'. t('The CKEditor module allows Drupal to replace textarea fields with CKEditor. CKEditor is an online rich text editor that can be embedded inside web pages. It is a !wysiwyg editor which means that the text edited in it looks as similar as possible to the results end users will see after the document gets published. It brings to the Web popular editing features found in desktop word processors such as Microsoft Word and OpenOffice.org Writer. CKEditor is truly lightweight and does not require any kind of installation on the client computer.',
          array(
            '!wysiwyg' => '<acronym title="'. t('What You See Is What You Get') .'">'. t('WYSIWYG') .'</acronym>',
          )
        ) .
        '</p><p>' .
        t('More information about the editor can be found at the !ckeditorlink. A handy !userguidelink is available, too.',
          array(
            '!ckeditorlink' => l(t('CKEditor website'), 'http://ckeditor.com'),
            '!userguidelink' => l(t('User\'s Guide'), 'http://docs.cksource.com/CKEditor_3.x/Users_Guide'),
          )
        ) .
        '</p><p>' .
        t('Profiles can be defined based on user roles. A CKEditor profile may define which pages receive the CKEditor support, which buttons or themes are enabled for the editor, how the editor is displayed, and a few other editor functions. It is also possible to define the Global Profile that will store values which will be appended to all other profiles.') .
        '</p><p>' .
        t('Please note that only users with the "%accesspermission" !permissionlink will be able to use CKEditor.',
          array(
            '%accesspermission' => t('access ckeditor'),
            '!permissionlink' => l(t('permission'), 'admin/user/permissions')
          )
        ) .
        '</p>';
      break;

    // Full module help page.
    case 'admin/help#ckeditor':
      $output =
        '<h3>' . t('Introduction') . '</h3>' .
        '<p>' .
        t('The CKEditor module allows Drupal to replace textarea fields with CKEditor. CKEditor is an online rich text editor that can be embedded inside web pages. It is a !wysiwyg editor which means that the text edited in it looks as similar as possible to the results end users will see after the document gets published. It brings to the Web popular editing features found in desktop word processors such as Microsoft Word and OpenOffice.org Writer. CKEditor is truly lightweight and does not require any kind of installation on the client computer.',
          array(
            '!wysiwyg' => '<acronym title="' . t('What You See Is What You Get') . '">' . t('WYSIWYG') . '</acronym>',
          )
        ) .
        '</p><p>' .
        t('More information about the editor can be found at the !ckeditorlink. A handy !userguidelink is available, too.',
          array(
            '!ckeditorlink' => l(t('CKEditor website'), 'http://ckeditor.com'),
            '!userguidelink' => l(t('User\'s Guide'), 'http://docs.cksource.com/CKEditor_3.x/Users_Guide'),
          )
        ) .
        '</p>' .
        '<h4>' . t('Configuration') . '</h4>' .
        '<ol>' .
        '<li>'.
        t('To start using CKEditor, first you need to grant permissions for use of CKEditor in the <strong>!adminpath</strong> section.',
          array(
            '!adminpath' => l(t('Administer') .' > '. t('User management') .' > '. t('Permissions'), 'admin/user/permissions'),
          )
        ) .
        '</li>' .
        '<li>' .
        t('CKEditor profiles can be configured in the <strong>!adminpath</strong> section. In each profile you can choose which textareas will be replaced by CKEditor as well as select the default toolbar and configure some more advanced settings.',
          array(
            '!adminpath' => l(t('Administer') .' > '. t('Site configuration') .' > '. t('CKEditor'), 'admin/settings/ckeditor'),
          )
        ) .
        '</li>' .
        '<li>' .
        t('For the Rich Text Editing to work you also need to configure your !filterlink for the users that may access Rich Text Editing. Either grant those users <strong>Full HTML</strong> access or use the following list of tags in the HTML filter:',
          array(
            '!filterlink' => l(t('filters'), 'admin/settings/filters'),
          )
        ) .
       // Security-relevant advice: the recommended tag list below includes
       // <iframe>, <embed> and <object>, and the alternative is Full HTML. The
       // note that follows already warns about <iframe>; an input format this
       // permissive should only be granted to roles trusted to publish
       // arbitrary markup. The list is a literal passed through
       // htmlspecialchars(), so it is displayed as text, not rendered.
       '<br /><code>'. htmlspecialchars('<a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tbody> <th> <tr> <td> <em> <b> <u> <i> <strong> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <param> <strike> <caption> <iframe>') .'</code><br />';
       // The assignment above ends here; the rest of the page is appended in a
       // second statement. '%iframe' is a '%' placeholder, so t() escapes the
       // literal '<iframe>' before output.
       $output .= t('<strong>Note:</strong> be careful when granting users access to create tags like %iframe. <br />If you are going to use CKEditor with the <strong>Filtered HTML</strong> input format, please read  the "Setting up filters" section in the !readme file.',
         array(
           '!readme' => '<code>' . l('README.txt', drupal_get_path('module', 'ckeditor') .'/README.txt') . '</code>',
           '%iframe' => '<iframe>'
        )
      ) .
      '</li>' .
      '<li>'.
      t('To have better control over line breaks, you should disable the <strong>%settingname</strong> setting in the chosen filter (recommended).',
        array(
          '%settingname' => t('Line break converter'),
        )
      ) .
      '</li>' .
      '<li>' .
      t('All configuration options described in the !apidocs that cannot be easily changed in the administration area can be set in the <strong>Advanced Options</strong> section in the CKEditor profile.',
        array(
          '!apidocs' => l(t('API documentation'), 'http://docs.cksource.com/ckeditor_api/symbols/CKEDITOR.config.html')
        )
      ) .
      '</li>' .
      '</ol>' .

      // Anchor target for links to the inclusion/exclusion syntax section.
      '<a name="fieldinclexcl"></a>' .
      '<h3>' . t('Defining field inclusions/exclusions') .'</h3>' .
      '<p>' .
      t('In order to display CKEditor in some specific textareas where you need it, the CKEditor module provides a powerful method to define fields that should be enhanced with CKEditor. The first choice you have to make is whether you want to display CKEditor for all textareas and define a list of exceptions. You can also decide that you do not want to display CKEditor unless it is specifically enabled. This choice is made in the <strong>%settingname</strong> setting.',
        array(
          '%settingname' => t('Use inclusion or exclusion mode'),
        )
      ) .
      '</p>' .
      '<p>'.
      t('Next, you need to define the list of exceptions. This list follows a specific syntax: the path to a field is defined by giving the content type followed by the <code>@</code> character, specifying the path followed by a dot and finally appending the field name at the end. You may decide to skip the content type. The !fieldname field on the !pathname page would thus be addressed as !result. You can use wildcards <code>*</code> and <code>?</code> anywhere in this line. If you have trouble with the field name that contains a dot, you can escape it with a backslash character (<code>\</code>).',
        array(
          '!fieldname' => '<code>edit-log</code>',
          '!pathname' => '<code>node/add/page</code>',
          '!result' => '<code>node/add/page.edit-log</code>',
        )
      ) .
      '</p>' .
      '<strong>' .
      t('Some examples:') .
      '</strong>' .
      '<ul>' .
      '<li><code>node/add/page</code>: ' .
      t('matches all fields on the !pathname page',
        array(
          '!pathname' => '<code>node/add/page</code>'
        )
      ) .
      '</li>' .
      '<li><code>*.edit-log</code>: ' .
      t('matches all fields called !fieldname on any page',
        array(
          '!fieldname' => '<code>edit-log</code>'
        )
      ) .
      '</li>' .
      '<li><code>blog@*.edit-body</code>: ' .
      t('matches all fields called !fieldname on pages related to node type !typename',
        array(
          '!fieldname' => '<code>edit-body</code>',
          '!typename' => '<code>blog</code>'
        )
      ) .
      '</li>' .
      '<li><code>forum@*.*</code>: ' .
      t('matches all fields on pages related to node type !nodetype',
        array(
          '!nodetype' => '<code>forum</code>'
        )
      ) .
      '</li>' .
      '<li><code>node/add/*</code>: ' .
      t('matches all fields on pages such as !pathname1, !pathname2, etc.',
        array(
          '!pathname1' => '<code>node/add/page</code>',
          '!pathname2' => '<code>node/add/story</code>'
        )
      ) .
      '</li>' .
      '<li><code>node/add/*.edit-log</code>: ' .
      t('matches all !fieldname fields on pages such as !pathname1, !pathname2, etc.',
        array(
          '!fieldname' => '<code>edit-log</code>',
          '!pathname1' => '<code>node/add/page</code>',
          '!pathname2' => '<code>node/add/story</code>'
        )
      ) .
      '</li>' .
      '<li><code>node/add/*.edit-user-*</code>: ' .
      t('matches fields starting with !fieldname on pages starting with !pathname',
        array(
          '!fieldname' => '<code>edit-user-</code>',
          '!pathname' => '<code>node/add/</code>'
        )
      ) .
      '</li>' .
      '</ul>' .
      // NOTE(review): no '<p>' is opened after this heading, yet the section
      // ends with '</p>' below, so the markup is unbalanced.
      '<h3>' . t('Troubleshooting') . '</h3>' .
      t('Take a look at !listlink when installing CKEditor.',
        array(
           '!listlink' => l(t('the list of common problems'), 'http://docs.cksource.com/CKEditor_for_Drupal/Troubleshooting')
        )
      ) .
      ' ' .
      t('If you are looking for more information, have any trouble with the configuration, or found an issue with the CKEditor module, please visit the !officiallink.',
        array(
          '!officiallink' => l(t('official project page'), 'http://drupal.org/project/ckeditor')
        )
      ) .
      ' ' .
      t('More information about how to customize CKEditor for your theme can be found !herelink.',
        array(
          '!herelink' => l(t('here'), 'http://drupal.fckeditor.net/tricks')
        )
      ) .
      '</p>' .

      '<h3>' . t('Uploading images and files') . '</h3>' .
      '<p>' .
      t('There are three ways for uploading files:') .
      '</p>' .
      '<ol>' .
      '<li>' .
      t('By using !ckfinder (commercial), an advanced Ajax file manager.',
        array(
          '!ckfinder' => l(t('CKFinder'), 'http://ckfinder.com'),
        )
      ) .
      '</li>' .
      '<li>' .
      t('By using a dedicated module like !imcelink, !iblink or !webfmlink.',
        array(
          '!imcelink' => l(t('IMCE'), 'http://drupal.org/project/imce'),
          '!iblink' => l(t('Image Browser'), 'http://drupal.org/project/imagebrowser'),
          '!webfmlink' => l(t('Web File Manager'), 'http://drupal.org/project/webfm'),
        )
      ) .
      '</li>' .
      '<li>' .
      t('By using the core upload module.') .
      '</li>' .
      '</ol>';

      break;
  }
  // $output is only assigned inside a matching case; fall back to ''.
  return !empty($output) ? $output : '';
}
 278  
 279  /**
 280   * AJAX callback - XSS filter
 281   */
 282  function ckeditor_filter_xss() {
 283    global $user, $theme;
 284  
 285    $GLOBALS['devel_shutdown'] = FALSE;
 286  
 287    if (!isset($_POST['text']) || !is_string($_POST['text']) || !isset($_POST['textarea_id']) || !is_string($_POST['textarea_id']) || !isset($_POST['query']) || !is_string($_POST['query']) || !isset($_POST['theme']) || !is_string($_POST['theme']) || !isset($_POST['input_format']) || !isset($_POST['token']) || !drupal_valid_token($_POST['token'], 'ckeditorAjaxCall', TRUE)) {
 288      exit;
 289    }
 290    $filter_format_id = filter_resolve_format((int) $_POST['input_format']);
 291    if (!filter_access($filter_format_id)) {
 292      exit;
 293    }
 294    module_load_include('inc', 'ckeditor', 'includes/ckeditor.lib');
 295    $theme = $_POST['theme'];
 296    $profile = ckeditor_user_get_profile($user, $_POST['textarea_id'], $_POST['query']);
 297    if ($profile == FALSE) {
 298      exit;
 299    }
 300  
 301    $settings = $profile->settings;
 302  
 303    $text = $_POST['text'];
 304    $text = strtr($text, array('<!--' => '__COMMENT__START__', '-->' => '__COMMENT__END__'));
 305  
 306    $filters = array();
 307    foreach ($settings['filters'] as $module_delta => $active) {
 308      if (!$active || !is_string($module_delta)) {
 309        continue;
 310      }
 311      $filter = new stdClass();
 312      $filter->module = strtok($module_delta, "/");
 313      $filter->delta = strtok("/");
 314      $filter->format = $filter_format_id;
 315  
 316      if (!module_hook($filter->module, 'filter')) {
 317        continue;
 318      }
 319  
 320      $filters[] = $filter;
 321  
 322      $text = module_invoke($filter->module, 'filter', 'prepare', $filter->delta, $filter->format, $text);
 323    }
 324  
 325    foreach ($filters as $filter) {
 326      //built-in filter module, a special case where we would like to strip XSS and nothing more
 327      if ($filter->module == 'filter' && $filter->delta == 0) {
 328        preg_match_all("|</?([a-z][a-z0-9]*)(?:\b[^>]*)>|i", $text, $matches);
 329        if ($matches[1]) {
 330          $tags = array_unique($matches[1]);
 331          $text = filter_xss($text, $tags);
 332        }
 333      }
 334      else {
 335        $text = module_invoke($filter->module, 'filter', 'process', $filter->delta, $filter->format, $text);
 336      }
 337    }
 338  
 339    $text = strtr($text, array('__COMMENT__START__' => '<!--', '__COMMENT__END__' => '-->'));
 340  
 341    echo $text;
 342    exit;
 343  }


Generated: Mon Jul 9 18:01:44 2012 Cross-referenced by PHPXref 0.7