Topic Closed
Jori
2 Posts

Hello! I'm wondering if it is possible to have php code in the pages. The CKEditor has config option for protecting source code, this example can be found with google: config.protectedSource.push( /<\?[\s\S]*?\?>/g );  However, after some trying I could not get it working.

Afterwards I thought, that if the page contents are stored in *.php-files, then all php code within them isn't going to be displayed at the editor ever, because the editor only edits what the file displays *after* php has processed it. If that is the case, then in order to have php persisting in the files, it would be gpEasy's task to make it enabled. Am I correct?

 

10 years ago#313

Josh S.
2K Posts
283K Downloads
16 Themes
18 Plugins

In addition to CKeditor, there is a function in gpEasy that strips php code. See method rmPHP() in the common.php file.

It's certainly true that allowing php execution within pages would increase the functionality, but it also brings up a number of cecurity concerns that many gpEasy users might not be ready for.

If you're comfortable with enabling php execution though, it would be easy to remove calls to rmPHP().

10 years ago#316

Jori
2 Posts

I managed to change the tool/editing_files.php code so that it allows modifying php code in the editor's source-mode. What I do is the following:

In editing_files.php edit_page() instead of including the file as such, I change the php start and end markers to comment start and ends ( '<?php' -> '<!--PHP'), write tha changed file to a temporary file, and then include that file.

When saving files I just do the string replace the other way.

Works nicely and allows me to edit php in the editor.

10 years ago#319

Charles S
448 Posts
13.7K Downloads
2 Themes
8 Plugins

Jori,

I played with this a little today. I'm not exactly clear on how you are doing it so I figured I would share what I found. Here's my "outline" of what I'm doing.

Hack to allow php in editor/pages 

Step 1 Remove the 'rmphp()' functions found below within /include/common.php function cleanText(&$text) { gpFiles::tidyFix($text); gpFiles::rmPHP($text); } function rmPHP(&$text){ $search = array('<?','<?php','?>'); $replace = array('&lt;?','&lt;?php','?&gt;'); $text = str_replace($search,$replace,$text);}

Step 2
Add the following code to /include/js/ckeditor_config.js
CKEDITOR.config.protectedSource.push(/<\?[\s\S]*?\?>/g);
Step 3
Create a page with the php of the function you want to call (eg My Custom Header). DO NOT edit or save this page after the very first save as it will overwrite the php code with the actual output.
Step 4
Call the page with the php function you want to use with gpEasy's  add page function:
{{Title of Page Here}} (eg  {{My Custom Header}} )
Note*
The php is called when you view or edit the page, thus the php code is lost if you edit the page with the php code  (eg 'My Custom Header' page above) and save it--it will be overwritten by the actual php function output; therefore, php cannot be directly accessed in a page at this time.

Discussion:

First, CKEditor needs step 2 otherwise when you switch from source view to html view it will destroy the php code, but that's all it really does. However, if you save the page in source view and don't edit or save it again it will be saved with the php--just check the page in the data/_page/ folder to make sure--just one less file to hack.

Step 1 removes gpEasy's function to strip php which is obviously needed in order to get the php into a gpEasy page in the first place, unless you create the page outside of gpEasy. Step 3 is to create a page with nothing other than the gpEasy php code that you want to use (eg header, extra areas, etc.). Step 4 allows for the page to be integrated into the content of another page, thus when you click on that section (eg 'header' within the page's content) to edit you will be editing the editable area (eg header). You do NOT want to ever edit the page you created (eg "My Custom header' page) that only has the php call. The reason is, the php within the content page is activated when you view the page or edit it, thus the php is lost; therefore direct php at this time doesn't seem at all possible; however, indirect php works well as long as you don't edit the page with the php. 

I've only used the above hack to work with gpEasy php calls as I don't require anything more at this time :)

Problems: I haven't thoroughly tested this hack, however one problem did arise. In a theme that  utilizes 'Text Areas' -- gpOutput::Area([area_name],[area_html]) and gpOutput::GetArea([area_name],[area_text]) -- I get an error saying that the area needs to be defined before any Area can be called. Other than that problem it seems to work OK.

 

I put in a feature request for php within gpEasy but only to allow gpEasy php calls as I think this would alleviate security concerns. Nonetheless, the above works rather well once you get it down but requires you to hack core files every upgrade--don't know why gpEasy even needs to bother with removing php when CKEditor does it rather well.

10 years ago#586

Firstly, you can use the {{PageName}} syntax as described in the documentation: File_Inclusion.

For more advanced thing, I developed my own system with a similar approach. Adding some PHP directly into a page then editing it, you'll see your modifications have been replaced by static HTML, overwriting your PHP. So my approach was to put some place holder that into the page and replace this token by the output/result of a script. So here is how it work:

  1. the static file/page, called <page>_static.php, is editable as it contain only HTML and the place holder with the following syntax: {{PLACE_HOLDER}} or {{PLACE_HOLDER_##}} where ## is a 2-digit number. For instance, you will write something like:
    About Us Contact Us Policy  {{PLACE_HOLDER}}
  2. the dynamic file/script called <page>_dynamic.php, which should not be edited. This script will generate and return a variable called $results (string or array).
    $results = rand(10);
  3. Then I've the script that link those two files together,  called place_holder.php (see the source). The idea is simple: capture the result of the dynamic file, and replace the placeholder with it.
  4. Here is how I embed a dynamic content in my template:
    <?php   $GLOBALS["WORKING_FILE"] = "partners"; // define the page we want to work with   gpOutput::Get('Extra', "place_holder"); ?>

If you want to use it outside the template, you'll need to edit a bit more gpEasy ; have a look at main.php:ReplaceContent() function. Guess I could've use this one myself XD.

10 years ago#603

Topic Closed

 

News

elFinder 2.1.50 in Upcoming Release
12/28/2019

A new release for Typesetter is in the works with a lot of improvements including the ... Read More

Typesetter 5.1
8/12/2017

Typesetter 5.1 is now available for download. 5.1 includes bug fixes, UI/UX improvements, ... Read More

More News

creisi productions

Dienstleistungen von creisi productions, Luzern (Schweiz): * Konzeption, Planung und Erstellung Ihres Internet-Auftritts * Betreuung und Aktualisierung/Pflege Ihrer Website * ...

Find out more about our Provider Spotlight

Log In

  Register