X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=plugins%2FTinyMCE%2FTinyMCEPlugin.php;h=9408e20c957b2d4498350645932f47d8b5371cbc;hb=c19696afecd98f225181c8a8a368712954d6dbd4;hp=f8d85c1ba03c78ee0cc08e93937a159e7b7dee3a;hpb=8f071b2818e8321ea910df612016175f65093402;p=quix0rs-gnu-social.git diff --git a/plugins/TinyMCE/TinyMCEPlugin.php b/plugins/TinyMCE/TinyMCEPlugin.php index f8d85c1ba0..9408e20c95 100644 --- a/plugins/TinyMCE/TinyMCEPlugin.php +++ b/plugins/TinyMCE/TinyMCEPlugin.php @@ -63,7 +63,7 @@ class TinyMCEPlugin extends Plugin function onEndShowStyles($action) { - $action->style('span#notice_data-text_container { float: left }'); + $action->style('span#notice_data-text_container, span#notice_data-text_parent { float: left }'); return true; } 
@@ -78,36 +78,48 @@ class TinyMCEPlugin extends Plugin return true; } - function onArgsInitialize(&$args) + /** + * Sanitize HTML input and strip out potentially dangerous bits. + * + * @param string $raw HTML + * @return string HTML + */ + private function sanitizeHtml($raw) { - if (!array_key_exists('action', $args) || - $args['action'] != 'newnotice') { - return true; - } - - $raw = $this->_scrub($args['status_textarea']); - require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php'; $config = array('safe' => 1, 'deny_attribute' => 'id,style,on*'); - $this->html = htmLawed($raw, $config); - - $text = html_entity_decode(strip_tags($this->html)); - - $args['status_textarea'] = $text; - - return true; + return htmLawed($raw, $config); } - function onStartNoticeSave($notice) + /** + * Strip HTML to plaintext string + * + * @param string $html HTML + * @return string plaintext, single line + */ + private function stripHtml($html) { - if (!empty($this->html)) { - // Stomp on any rendering - $notice->rendered = $this->html; - } + return str_replace("\n", " ", html_entity_decode(strip_tags($html))); + } + /** + * Hook for new-notice form processing to take our HTML goodies; + * won't affect API posting etc. + * + * @param NewNoticeAction $action + * @param User $user + * @param string $content + * @param array $options + * @return boolean hook return + */ + function onSaveNewNoticeWeb($action, $user, &$content, &$options) + { + $html = $this->sanitizeHtml($action->arg('status_textarea')); + $options['rendered'] = $html; + $content = $this->stripHtml($html); return true; } @@ -115,27 +127,31 @@ class TinyMCEPlugin extends Plugin { $path = common_path('plugins/TinyMCE/js/tiny_mce.js'); + // Note: the normal on-submit triggering to save data from + // the HTML editor into the textarea doesn't play well with + // our AJAX form submission. Manually moving it to trigger + // on our send button click. $scr = <<
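Review bot: In `onSaveNewNoticeWeb`, the output of `sanitizeHtml()` is stored as `$options['rendered']` and replaces the normal rendering, so the htmLawed call is the only filter between posted markup and the HTML later shown to other users. The config relies on `'safe' => 1` plus an attribute denylist (`id,style,on*`); an explicit element allowlist is easier to audit, for example `'elements' => 'a, b, blockquote, br, em, i, li, ol, p, strong, ul'` (a constructed list, to be matched to what the editor toolbar emits), and `class` probably belongs in `deny_attribute` as well so that posted markup cannot borrow the site's own CSS classes. The removed `onArgsInitialize` passed the field through `$this->_scrub()` first and the new code does not; `_scrub` is not visible in this hunk, so confirm that `$action->arg()` already covers whatever it did. In `stripHtml`, `html_entity_decode()` is called without flags or charset, so the plaintext depends on the PHP version's defaults; `html_entity_decode(strip_tags($html), ENT_QUOTES, 'UTF-8')` makes it explicit.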