Plugins - TODO list

Macik	#37212 2013-03-13 12:03
Team Thanked: 181 times	#37201 tensh: I will try, I haven't used github yet :) It's very simple - register on github. Download client for Windows or Mac. Load it. Login with you name-pass/ Select «Add repository», name it. Copy files to it, and «Sync» it with GitHub. #37201 tensh: Eventually you can put it there for me ^^ It's not a best way, because it needs someone upload new versions everytime you make any changes. Added 5 hours later: Here's work in progress ... I've got to ask you for some help ^_^ http://www.cotonti.com/datas/users/ajax_inlineedit_253.zip 1. Is HTML passed through HTML purifier in this plugin? I guess not? How can I sanitize it? As you use 'HTM' filter in «editinline.ajax.php» it should be sanitized via HTMLPurifier in case you set HTML parser in cfg of you site ($sys['parser'] == 'html'). 2. How can I localize messages in CKeditor plugin? Use «lang» sub folder in plugins folder (see «a11yhelp» plugin for example). 3. Are the permissions & security more or less okay? No. Rely on «c» parameter to check user ability for edit are wrong: - page can be retrieved direct by specifying «id» or «al» parameter, and in this case inline editor not loading (example index.php?e=page&al=spoiler2804). - page can be accessed with any category specified (example index.php?e=page&al=spoiler2804&c=any_cat_user_can_edit) See «modules\page\inc\page.edit.php» for implementation. May be it required to transfer code from «rc» part to «header.first» (that hooks after page main) so you can use already some defined variables ($pag['page_cat']). 4. There's an onblur notification reminding to hit the save button :) How to make it appear only if the data weren't saved? This puzzles me :) I'm not sure for crossbrowsing solutionm, but try to google this. Some bugs, etc: - widrh of editable block not match existing size of page text block, see pic - after pressing «templates» button on editor panel - getting blended screen with no dialog and without ability to press anything or exit this mode, see.pic - some of markup are breaks on some image links (cant represent yet). - «contenteditable» attr valid only in HTML5, and not valid in for example «XHTML 1.0 Transitional» (as in Nemesis skin) inspite of browsers are use it. Добавлено 1 минуты спустя: And you can open separate topic for discussing you plugin in «Extensions» section. https://github.com/macik правильный хостинг — https://goo.gl/fjCa1F

Macik

#37212 2013-03-13 12:03

#37201 tensh:
I will try, I haven't used github yet :)

It's very simple - register on github. Download client for Windows or Mac. Load it. Login with you name-pass/ Select «Add repository», name it. Copy files to it, and «Sync» it with GitHub.

#37201 tensh:
Eventually you can put it there for me ^^

It's not a best way, because it needs someone upload new versions everytime you make any changes.

Added 5 hours later:

Here's work in progress ... I've got to ask you for some help ^_^

http://www.cotonti.com/datas/users/ajax_inlineedit_253.zip

1. Is HTML passed through HTML purifier in this plugin? I guess not? How can I sanitize it?

As you use 'HTM' filter in «editinline.ajax.php» it should be sanitized via HTMLPurifier in case you set HTML parser in cfg of you site ($sys['parser'] == 'html').

2. How can I localize messages in CKeditor plugin?

Use «lang» sub folder in plugins folder (see «a11yhelp» plugin for example).

3. Are the permissions & security more or less okay?

No. Rely on «c» parameter to check user ability for edit are wrong:
- page can be retrieved direct by specifying «id» or «al» parameter, and in this case inline editor not loading (example index.php?e=page&al=spoiler2804).
- page can be accessed with any category specified (example index.php?e=page&al=spoiler2804&c=any_cat_user_can_edit)

See «modules\page\inc\page.edit.php» for implementation. May be it required to transfer code from «rc» part to «header.first» (that hooks after page main) so you can use already some defined variables ($pag['page_cat']).

4. There's an onblur notification reminding to hit the save button :) How to make it appear only if the data weren't saved? This puzzles me :)

I'm not sure for crossbrowsing solutionm, but try to google this.

Some bugs, etc:

- widrh of editable block not match existing size of page text block, see pic
- after pressing «templates» button on editor panel - getting blended screen with no dialog and without ability to press anything or exit this mode, see.pic
- some of markup are breaks on some image links (cant represent yet).
- «contenteditable» attr valid only in HTML5, and not valid in for example «XHTML 1.0 Transitional» (as in Nemesis skin) inspite of browsers are use it.

Добавлено 1 минуты спустя:

And you can open separate topic for discussing you plugin in «Extensions» section.

https://github.com/macik
правильный хостинг — https://goo.gl/fjCa1F