tags:

views:

82

answers:

3
+1  Q: 

joomla displaying html within the content

I have a joomla isntallation which displays some articles normally but when i added an article with a youtube video, the WYSIWYG editor converted the special characters in the embed code to html entities. Well, i'm assuming its the editor since it doesn't happen when i don't use it.

The problem after is that if i go to the article, i see the embed code for the flash player, instead of the flash player being rendered.

I'm using joomla 1.5 with a php 5 install. I thought joomla used html_entity_decode () on content by default? Does anyone know why this is happening and can guide me to which file or template file i'd need to use the function on please and thanks.

A: 

You'll have to embed your code snippet in the HTML source that's generated by the editor. Most WYSIWYG editors have a button that allows you to see the HTML directly; click on that and you should be able to paste in your embed code.

There might be some settings that you'll have to change for this to work completely, however. It's been a while since I've fought with this, but you might need to go to the TinyMCE Plugin (in the Plugin Manager) and set "Code Cleanup on Save" to "Never." There's also a filter for allowed HTML tags in the Article Manager parameters section, so you might have to adjust the blacklist there as well.

derekerdmann  2010-08-13 01:27:00
thanks for the response. I did insert the embed code fine in none html view but the editor then converted the embed code to html entities, i only noticed when it wasn't being played i had a look at the joomla table.
robinsonc494  2010-08-13 20:18:36
@robinsonc494 - Yeah, you'll have to go into the TinyMCE plugin settings like I mentioned in the second part of my post. Sure, you might be able to use a third-party plugin to get the embed to work, but if you disable the "Code Cleanup on Save," you shouldn't need to.
derekerdmann  2010-08-13 23:12:37
A: 

Almost joomla editors strip HTML ,css,JS from the content

so you can disable clean HTML in your editor settings or

its better to use any plugin to embed the youtube code (there are a lot )

use this plugin to embed videos from almost any provider (youtube , vimeo , metacafe etc.)

http://extensions.joomla.org/extensions/multimedia/video-players-a-gallery/812

pola  2010-08-13 01:40:55
thanks for the plugin link, and i'll have a look at a few others too.
robinsonc494  2010-08-13 20:20:02
@pola - Just wondering, but why do you say that it's better to use a third-party plugin to embed the videos? In my experience, it's overkill, and adds an extra layer of unneeded complexity.
derekerdmann  2010-08-13 23:14:24
indeed it add more processing and we (administrator) would prefer the html way , but having some authors writing in your site they will not be happy embedding the player themselves using the No-editor
pola  2010-08-24 21:17:45
A: 

As you have gathered the editor is killing your code. There are 2 reasons for this -

  1. If you insert code it is easy to have badly formed code that will break something downstream on the page. Leaving out a single will kill a page.
  2. For security reasons. You don't want people being able to insert nefarious code from the editor. In general, it's a good idea to clean any input from a user to prevent all kinds of attacks.

It is recommended that you use a plugin for this type of thing because it gives you more control over the users input. It guarantees that the code used to embed the video will be correct every time and that no additional code is being inserted since all of the heavy lifting is handled by the plugin. The additional processing time of a well written plugin is minimal and you will not see any noticeable difference in site performance unless your site gets millions of page views.

If you really want to do it through the editor, there is a trick to it. Not only do you have to insert the code in the HTML view of the editor, but you have to save the article while still in the code view. The HTML view state of the editor is usually persistent so you need to be sure you are in HTML view before you go back in to an article that you have inserted code in, otherwise simply opening the article will mess up the code you inserted.

Last, there are some extensions that allow you to insert code directly in to the editor. I am not a fan of those because they do pose a security risk.

Brent Friar  2010-08-27 13:03:52

related questions

Decode htmlEntities back on populate Zend Form
cakePHP: Overload Sanitize
How to accept programming code input for displaying purposes?
is there a mysql function to decode html entities?
Validating user input?
Problem encoding multibyte characters with Perl's HTML::Entities
php form security
Encoding in Java
html_entity_decode() isn't working properly?
htmlentities displaying html safely
php and special characters
How to convert all characters to their html entity equivalent using PHP
php convert special character to ascii
Facebook Like Plugin HTML Entities
charset problem?
charset problem?
In php, Prepare string and create XML/RSS Feed
Ruby HTML scraper written in Hpricot having trouble with escaped HTML
How to decode numeric HTML entities in PHP
UTF8 charset, diacritical elements, conversion problems - and Zend Framework form escaping
How to get HTML5 canvas text to show html entity?
Using php to create a password system with chinese characters
Symfony 1.4: Is it possible to prevent escaping of a redirect URL?
Adding HTML entities using CSS content