Hello,
I'm running a site with drupal 5 and the latest version of tinyMCE. When a user creates content, the format is blank. Is there any way to change the default setting of this to be paragraph?
- jody Sent using the Microsoft Entourage 2004 for Mac Test Drive.
You must either change the default input filter to full html, or else edit the off-the-shelf default "filtered html" to include the basic tags users create with tinyMCE.
If I understand your situation correctly, the content is getting filtered by the default "filtered html" input filter.
Victor Kane http://awebfactory.com.ar
On 2/18/07, Jody Cleveland cleveland@winnefox.org wrote:
Hello,
I'm running a site with drupal 5 and the latest version of tinyMCE. When a user creates content, the format is blank. Is there any way to change the default setting of this to be paragraph?
- jody
Sent using the Microsoft Entourage 2004 for Mac Test Drive.
-- [ Drupal support list | http://lists.drupal.org/ ]
Victor Kane wrote:
You must either change the default input filter to full html, or else edit the off-the-shelf default "filtered html" to include the basic tags users create with tinyMCE.
If I understand your situation correctly, the content is getting filtered by the default "filtered html" input filter.
No, this is not what was meant. If you start typing in TinyMCE it does not set that test in a paragraph tag, it leaves it without any surrounding tag. This causes me problems too, you have to type your text and hit enter or you don't get a paragraph tag.
On 2/18/07, *Jody Cleveland* < cleveland@winnefox.org mailto:cleveland@winnefox.org> wrote:
Hello, I'm running a site with drupal 5 and the latest version of tinyMCE. When a user creates content, the format is blank. Is there any way to change the default setting of this to be paragraph?
No, this is not what was meant. If you start typing in TinyMCE it does not set that test in a paragraph tag, it leaves it without any surrounding tag. This causes me problems too, you have to type your text and hit enter or you don't get a paragraph tag.
I also had to go into Administer - Site configuration - Input formats and configure my default of Full HTML. There's a section called Filters. I upgraded my site from 4.7 to 5, and all those boxes were unchecked. I checked the box for Line break converter, and that took care of it.
- jody Sent using the Microsoft Entourage 2004 for Mac Test Drive.
Right, we both needed to do that. But what Martin is pointing out, is that when you start typing in a freshly opened TinyMCE textarea, by default, no style is selected, so that I find myself typing the first line, and then selecting "normal" or "paragraph". That is a bother.
But even in filtered html, the <p> tag should not be filtered out, so I'm not sure I understand the problem Martin is alluding to.
On 2/20/07, Jody Cleveland cleveland@winnefox.org wrote:
No, this is not what was meant. If you start typing in TinyMCE it does not set that test in a paragraph tag, it leaves it without any surrounding tag. This causes me problems too, you have to type your text and hit enter or you don't get a paragraph tag.
I also had to go into Administer - Site configuration - Input formats and configure my default of Full HTML. There's a section called Filters. I upgraded my site from 4.7 to 5, and all those boxes were unchecked. I checked the box for Line break converter, and that took care of it.
- jody
Sent using the Microsoft Entourage 2004 for Mac Test Drive.
-- [ Drupal support list | http://lists.drupal.org/ ]
Victor Kane wrote:
You must either change the default input filter to full html, or else edit the off-the-shelf default "filtered html" to include the basic tags users create with tinyMCE.
I sometimes wonder why we even bother doing http://drupal.org/security.
Unless you are the only user posting on the site, setting Full HTML as the default input format is both 1) the easy way out and 2) insecure.
1. You can simply investigate which tags are needed and add those to the HTML filter.
2. Insecure, because you allow all users to execute cross site scripting attacks.
Regards,
Heine
Absolutely, the proper solution is to add in to the filtered HTML input filter those tags which are secure and absolutely indispensable.
Very important point.
Victor Kane http://awebfactory.com.ar
On 2/20/07, Heine Deelstra hdeelstra@gmail.com wrote:
Victor Kane wrote:
You must either change the default input filter to full html, or else edit the off-the-shelf default "filtered html" to include the basic tags users create with tinyMCE.
I sometimes wonder why we even bother doing http://drupal.org/security.
Unless you are the only user posting on the site, setting Full HTML as the default input format is both 1) the easy way out and 2) insecure.
- You can simply investigate which tags are needed and add those to the
HTML filter.
- Insecure, because you allow all users to execute cross site scripting
attacks.
Regards,
Heine
[ Drupal support list | http://lists.drupal.org/ ]
I sometimes wonder why we even bother doing http://drupal.org/security.
Unless you are the only user posting on the site, setting Full HTML as the default input format is both 1) the easy way out and 2) insecure.
- You can simply investigate which tags are needed and add those to the HTML
filter.
- Insecure, because you allow all users to execute cross site scripting
attacks.
Ideally, it'd be nice if comments could have their own input format. With the authors of the site, I need them to be able to be able to put in html. With commenters, all I want them to do is plain text.
- jody Sent using the Microsoft Entourage 2004 for Mac Test Drive.
-
Heine Deelstra -
Jody Cleveland -
Martin Tomes -
Victor Kane