I am creating a simple ‘site news’ feature on an MVC 2 .net 4 web site. The site news articles are kept in a simple sql database, actually I’m doing it with Entity Framework Code First and compact sql, consisting of columns articleID, articleDate, articleSummary and articleDetail (model.ItemEntry in code below). The articleDetail is a textarea that I would like to edit with TinyMce or some other WYSIWYG editor. If you have alternate editors to suggest or recommend, please do so and say why.

I’m looking for a way to have the text in the articleDetail, entered by TinyMce by way of the textarea, which may contain html as well as text, htmlencoded as it’s recorded into rows of the table. Seems to me that would be a likely configuration option, but I haven’t found it. And htmlencoding the textarea would bypass all the difficulties I’ve encountered while attempting to save the TinyMce/textarea data to sql.

Although I will use this live it’s mainly a learning experience. And I’m a bit stubborn on wanting to learn how to do this. Otherwise I would just use the textarea and skip the WYSIWYG for this simple application.

While attempting to compose simple text using TinyMce I’ve run into the problem of .net 4 and request validation. It appears that I would have to relax my security by placing <httpRuntime requestValidationMode="2.0" /> in the web config and add [ValidateInput(false)] to my controller’s create post action. I don’t want to relax the security that .net 4 is providing, so I’m kinda stuck now as to how to strip the html from the TinyMce/textarea.

At this point it occurred to me that what I really wanted to do was htmlencode the text as it could be valuable to have some html formatting in the articleDetail. Blog posts and other applications save information in sql that will somehow eventually be html, how do they do it?

In Summary (some of) my questions are

  • Are there any WYSIWYG editors that htmlencode their content? That way I could have htmlencoded html news articles stored in sql. I’ll then be attempting to htmldecode that for display when news articles are displayed.

alternately

  • How might I just simply strip the html from the TinyMce/textarea before I save to sql?

  • Is relaxing to requestValidationMode="2.0" my only solution?

Research resources I’ve found helpful in this learning experience.

Ack! Couldn't post 'em as this is my first post. Gee, I thought I read the FAQ and was being a good Nerditquette kinda guy. Incidentally, I composed this in Live Writer and it's posted here on my blog, including the links I had researched and found helpful.

Some relevant pieces of source code.

Create.aspx

    <script type="text/javascript">
        tinyMCE.init({
            mode: "textareas",
            theme: "simple"
        });
    </script>

    <div class="editor-label">
        <%: Html.LabelFor(model => model.ItemEntry) %>
    </div>
    <div class="editor-field">
        <%: Html.TextAreaFor(model => model.ItemEntry) %>
        <%: Html.ValidationMessageFor(model => model.ItemEntry) %>
    </div>

NewsController.cs

    // POST: /News/Create

    [HttpPost]
    // [ValidateInput(false)]
    public ActionResult Create(Item item)
    {
        if (ModelState.IsValid)
        {
            siteNews.Items.Add(item);
            siteNews.SaveChanges();
            return RedirectToAction("Index");
        }
        return View(item);
    }

A: 
  • Why would you want to htmlEncode your content just to save it in the database? It's a useless step.
  • Why do you want to strip the html if you're using a rich text editor? If you just want text, stay with a textarea. You can configure tinyMCE to use bbtags but I would only use that for users who can't be trusted.
  • Setting your requestValidationMode to 2.0 is how you can allow your code to save html. There is nothing wrong with that.
ZippyV
My thinking was that by htmlencode before I post it I could bypass the security problems. I am trying to learn how to manipulate the information with and without the htmlencode. If I set requestValidationMode to 2.0 won't that be for the entire site, removing the security enhancements made in .net 4?
jeffa
In .net 4 all requests are now validated (web services/http modules/handlers). As a result the validation happens so early in the request that your action with the [ValidateInput(false)] attribute will never be seen by the runtime.
ZippyV
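
An added example, not code from the question, the answer, or the comments: one way to keep "some html formatting" while still storing encoded content is to HTML-encode the whole posted string first and then restore only a short allow-list of attribute-free tags. The class name `ArticleHtml` and the tag list are hypothetical; it assumes the posted HTML has already reached the `Create` action (the request validation settings discussed above) and would be applied as `item.ItemEntry = ArticleHtml.ToSafeHtml(item.ItemEntry);` before `siteNews.Items.Add(item)`.

```csharp
using System;
using System.Net;
using System.Text.RegularExpressions;

// Added example: encode-then-allow-list for rich-text input.
public static class ArticleHtml
{
    // Hypothetical allow-list. Matches only ENCODED tags that carry no
    // attributes, e.g. "&lt;strong&gt;", "&lt;/p&gt;", "&lt;br /&gt;".
    private static readonly Regex AllowedTag = new Regex(
        @"&lt;(/?)(p|br|b|i|em|strong|ul|ol|li)\s*/?&gt;",
        RegexOptions.IgnoreCase | RegexOptions.Compiled);

    public static string ToSafeHtml(string editorHtml)
    {
        // Step 1: neutralise everything. After this call no '<', '>' or
        // quote character from the user survives as markup.
        string encoded = WebUtility.HtmlEncode(editorHtml ?? string.Empty);

        // Step 2: turn back into real tags only the exact allow-listed
        // forms. Tags with attributes (onclick, style, href) and tags not
        // on the list never match and therefore stay encoded text.
        return AllowedTag.Replace(encoded, "<$1$2>");
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample of what a rich-text editor might post.
        string posted =
            "<p>Site <strong>news</strong> for May<br /></p>" +
            "<script>alert(1)</script>" +
            "<b onclick=\"x()\">bold</b>" +
            "<p>Literal text: &lt;b&gt;</p>";

        // The <p>, <strong> and <br> tags come back as markup. The script
        // element and the <b> with an event handler remain encoded text,
        // and the already-encoded "&lt;b&gt;" is double-encoded, so it
        // cannot be promoted to a tag by step 2.
        Console.WriteLine(ArticleHtml.ToSafeHtml(posted));
    }
}
```

A string stored this way is meant to be written to the page with `<%= %>`, because `<%: %>` would encode the restored tags again. The closing tag of a rejected element (the `</b>` above) is still restored, which leaves unbalanced but inert markup.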