PHP
Die Typesetter zugrunde liegende Programmiersprache ist php auf dem Webserver, zusammen mit Ajax und Javascript und HTML mit Css als Formatierung.
Das direkte Einfügen von PHP in den Text wird von Typesetter allerdings aus Sicherheitsgründen unterbunden(automatische Auskommentierung).
Um doch noch PHP einzubinden gibt es 2 Möglichkeiten, bei falschem Code kann man sich dabei eine Sicherheitslücke einhandeln, besonders bei Multiuser-Systemen.
1. Das PHP-Box-Plugin, das für gpeasy geschrieben wurde. In seinen Installationsordner geladene php-skripte werden im Menü des Addons angezeigt. Danach kann man die Url zum Skript kopieren und als Link auf der gewünschten Seite einbinden.
2. Patch nach einem alten Forum - Beitrag :
Josh : In addition to CKeditor, there is a function in gpEasy that strips php code. See method rmPHP() in the common.php file.
.......................................................................
Jori : I managed to change the tool/editing_files.php code so that it allows modifying php code in the editor's source-mode.
What I do is the following:
In editing_files.php edit_page() instead of including the file as such, I change the php start and end markers to comment start
and ends ( '<?php' -> '<!--PHP'), write the changed file to a temporary file, and then include that file.
When saving files I just do the string replace the other way. Works nicely and allows me to edit php in the editor.
.......................................................................
Charles S. : I played with this a little today. I'm not exactly clear on how you are doing it so I figured I would share what I found.
Here's my "outline" of what I'm doing. Hack to allow php in editor/pages
Step 1 Remove the 'rmphp()' functions found below within
/include/common.php function cleanText(&$text) { gpFiles::tidyFix($text); gpFiles::rmPHP($text); } function rmPHP(&$text)
{ $search = array('<?','<?php','?>'); $replace = array('<?','<?php','?>'); $text = str_replace($search,$replace,$text);}
Step 2
Add the following code to /include/js/ckeditor_config.js
CKEDITOR.config.protectedSource.push(/<\?[\s\S]*?\?>/g);
Step 3
Create a page with the php of the function you want to call (eg My Custom Header). DO NOT edit or save this page after the very
first save as it will overwrite the php code with the actual output.
Step 4
Call the page with the php function you want to use with gpEasy's add page function:
{{Title of Page Here}} (eg {{My Custom Header}} )
Note*
The php is called when you view or edit the page, thus the php code is lost if you edit the page with the php code
(eg 'My Custom Header' page above) and save it--it will be overwritten by the actual php function output; therefore, php
cannot be directly accessed in a page at this time.
Discussion:
First, CKEditor needs step 2 otherwise when you switch from source view to html view it will destroy the php code, but that's
all it really does. However, if you save the page in source view and don't edit or save it again it will be saved with the
php--just check the page in the data/_page/ folder to make sure--just one less file to hack.
Step 1 removes gpEasy's function to strip php which is obviously needed in order to get the php into a gpEasy page in the first
place, unless you create the page outside of gpEasy. Step 3 is to create a page with nothing other than the gpEasy php code that
you want to use (eg header, extra areas, etc.). Step 4 allows for the page to be integrated into the content of another page, thus
when you click on that section (eg 'header' within the page's content) to edit you will be editing the editable area (eg header).
You do NOT want to ever edit the page you created (eg "My Custom header' page) that only has the php call. The reason is, the php
within the content page is activated when you view the page or edit it, thus the php is lost; therefore direct php at this time
doesn't seem at all possible; however, indirect php works well as long as you don't edit the page with the php.
I've only used the above hack to work with gpEasy php calls as I don't require anything more at this time :)
Problems: I haven't thoroughly tested this hack, however one problem did arise.
In a theme that utilizes 'Text Areas' -- gpOutput::Area([area_name],[area_html]) and gpOutput::GetArea([area_name],[area_text]) --
I get an error saying that the area needs to be defined before any Area can be called.
Other than that problem it seems to work OK.
I put in a feature request for php within gpEasy but only to allow gpEasy php calls as I think this would alleviate security concerns.
Nonetheless, the above works rather well once you get it down but requires you to hack core files every upgrade--don't know why gpEasy
even needs to bother with removing php when CKEditor does it rather well.
9 years ago#586
edouard.lopez
8 Posts
Firstly, you can use the {{PageName}} syntax as described in the documentation: File_Inclusion.
For more advanced thing, I developed my own system with a similar approach. Adding some PHP directly into a page then editing it, you'll
see your modifications have been replaced by static HTML, overwriting your PHP. So my approach was to put some place holder that into
the page and replace this token by the output/result of a script. So here is how it work:
the static file/page, called <page>_static.php, is editable as it contain only HTML and the place holder with the following syntax:
{{PLACE_HOLDER}} or {{PLACE_HOLDER_##}} where ## is a 2-digit number. For instance, you will write something like:
About Us Contact Us Policy {{PLACE_HOLDER}}
the dynamic file/script called <page>_dynamic.php, which should not be edited. This script will generate and return a variable
called $results (string or array).
$results = rand(10);
Then I've the script that link those two files together, called place_holder.php (see the source). The idea is simple: capture
the result of the dynamic file, and replace the placeholder with it.
Here is how I embed a dynamic content in my template:
<?php $GLOBALS["WORKING_FILE"] = "partners";
// define the page we want to work with gpOutput::Get('Extra', "place_holder"); ?>
If you want to use it outside the template, you'll need to edit a bit more gpEasy; have a look at main.php:ReplaceContent() function.
Guess I could've use this one myself XD.
== Weblinks ==
- Phptools-online - editor and checker
- Php - codechecker
- Php-Sandbox