You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

113 satır
3.3KB

  1. MODx Plugin
  2. MODx <http://www.modxcms.com/> is an open source PHP application framework.
  3. I first came across them in my referrer logs when tillda asked if anyone
  4. could implement an HTML Purifier plugin. This forum thread
  5. <http://modxcms.com/forums/index.php/topic,6604.0.html> eventually resulted
  6. in the fruition of this plugin that davidm says, "is on top of my favorite
  7. list." HTML Purifier goes great with WYSIWYG editors!
  8. 1. Credits
  9. PaulGregory wrote the overall structure of the code. I added the
  10. slashes hack.
  11. 2. Install
  12. First, you need to place HTML Purifier library somewhere. The code here
  13. assumes that you've placed in MODx's assets/plugins/htmlpurifier (no version
  14. number).
  15. Log into the manager, and navigate:
  16. Resources > Manage Resources > Plugins tab > New Plugin
  17. Type in a name (probably HTML Purifier), and copy paste this code into the
  18. textarea:
  19. --------------------------------------------------------------------------------
  20. $e = &$modx->Event;
  21. if ($e->name == 'OnBeforeDocFormSave') {
  22. global $content;
  23. include_once '../assets/plugins/htmlpurifier/library/HTMLPurifier.auto.php';
  24. $purifier = new HTMLPurifier();
  25. static $magic_quotes = null;
  26. if ($magic_quotes === null) {
  27. // this is an ugly hack because this hook hasn't
  28. // had the backslashes removed yet when magic_quotes_gpc is on,
  29. // but HTMLPurifier must not have the quotes slashed.
  30. $magic_quotes = get_magic_quotes_gpc();
  31. }
  32. if ($magic_quotes) $content = stripslashes($content);
  33. $content = $purifier->purify($content);
  34. if ($magic_quotes) $content = addslashes($content);
  35. }
  36. --------------------------------------------------------------------------------
  37. Then navigate to the System Events tab and check "OnBeforeDocFormSave".
  38. Save the plugin. HTML Purifier now is integrated!
  39. 3. Making sure it works
  40. You can test HTML Purifier by deliberately putting in crappy HTML and seeing
  41. whether or not it gets fixed. A better way is to put in something like this:
  42. <p lang="fr">Il est bon</p>
  43. ...and seeing whether or not the content comes out as:
  44. <p lang="fr" xml:lang="fr">Il est bon</p>
  45. (lang to xml:lang synchronization is one of the many features HTML Purifier
  46. has).
  47. 4. Caveat Emptor
  48. This code does not intercept save requests from the QuickEdit plugin, this may
  49. be added in a later version. It also modifies things on save, so there's a
  50. slight chance that HTML Purifier may make a boo-boo and accidently mess things
  51. up (the original version is not saved).
  52. Finally, make sure that MODx is using UTF-8. If you are using, say, a French
  53. localisation, you may be using Latin-1, if that's the case, configure
  54. HTML Purifier properly like this:
  55. $config = HTMLPurifier_Config::createDefault();
  56. $config->set('Core', 'Encoding', 'ISO-8859-1'); // or whatever encoding
  57. $purifier = new HTMLPurifier($config);
  58. 5. Known Bugs
  59. 'rn' characters sometimes mysteriously appear after purification. We are
  60. currently investigating this issue. See: <http://htmlpurifier.org/phorum/read.php?3,1866>
  61. 6. See Also
  62. A modified version of Jot 1.1.3 is available, which integrates with HTML
  63. Purifier. You can check it out here: <http://modxcms.com/forums/index.php/topic,25621.msg161970.html>
  64. X. Changelog
  65. 2008-06-16
  66. - Updated code to work with 3.1.0 and later
  67. - Add Known Bugs and See Also section
  68. vim: et sw=4 sts=4