From 13790c6db2c6d9ca88c136259caf9ccab0f779bf Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Mon, 2 Oct 2006 16:56:47 +0000 Subject: [PATCH] Added MODx plugin. git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@486 48356398-32a2-884e-a903-53898d9a118a --- NEWS | 1 + plugins/modx.txt | 91 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 plugins/modx.txt diff --git a/NEWS b/NEWS index 82ee502c..03cf871b 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier ========================== 1.2.0, unknown projected release date +! Added MODx plugin . Switched to purify()-wide Context object registry . Refactored unit tests to minimize duplication diff --git a/plugins/modx.txt b/plugins/modx.txt new file mode 100644 index 00000000..21093151 --- /dev/null +++ b/plugins/modx.txt @@ -0,0 +1,91 @@ + +MODx Plugin + +MODx is an open source PHP application framework. +I first came across them in my referrer logs when tillda asked if anyone +could implement an HTML Purifier plugin. This forum thread + eventually resulted +in the fruition of this plugin that davidm says, "is on top of my favorite +list." HTML Purifier goes great with WYSIWYG editors! + + + +1. Credits + +PaulGregory wrote the overall structure of the code. I added the +slashes hack. + + + +2. Install + +First, you need to place HTML Purifier library somewhere. The code here +assumes that you've placed in MODx's assets/plugins/htmlpurifier (no version +number). + +Log into the manager, and navigate: + +Resources > Manage Resources > Plugins tab > New Plugin + +Type in a name (probably HTML Purifier), and copy paste this code into the +textarea: + +-------------------------------------------------------------------------------- +$e = &$modx->Event; +if ($e->name == 'OnBeforeDocFormSave') { + global $content; + + set_include_path('../assets/plugins/htmlpurifier/library/' + . PATH_SEPARATOR . get_include_path()); + include_once 'HTMLPurifier.php'; + $purifier = new HTMLPurifier(); + + static $magic_quotes = null; + if ($magic_quotes === null) { + // this is an ugly hack because this hook hasn't + // had the backslashes removed yet when magic_quotes_gpc is on, + // but HTMLPurifier must not have the quotes slashed. + $magic_quotes = get_magic_quotes_gpc(); + } + + if ($magic_quotes) $content = stripslashes($content); + $content = $purifier->purify($content); + if ($magic_quotes) $content = addslashes($content); +} +-------------------------------------------------------------------------------- + +Then navigate to the System Events tab and check "OnBeforeDocFormSave". +Save the plugin. HTML Purifier now is integrated! + + + +3. Making sure it works + +You can test HTML Purifier by deliberately putting in crappy HTML and seeing +whether or not it gets fixed. A better way is to put in something like this: + +

Il est bon

+ +...and seeing whether or not the content comes out as: + +

Il est bon

+ +(lang to xml:lang synchronization is one of the many features HTML Purifier +has). + + + +4. Caveat Emptor + +This code does not intercept save requests from the QuickEdit plugin, this may +be added in a later version. It also modifies things on save, so there's a +slight chance that HTML Purifier may make a boo-boo and accidently mess things +up (the original version is not saved). + +Finally, make sure that MODx is using UTF-8. If you are using, say, a French +localisation, you may be using Latin-1, if that's the case, configure +HTML Purifier properly like this: + +$config = HTMLPurifier_Config::createDefault(); +$config->set('Core', 'Encoding', 'ISO-8859-1'); // or whatever encoding +$purifier = new HTMLPurifier($config);