Leaderboard

Worth a read! "The lesson here is to never mix manually constructed SQL fragments and bindings when using PDO emulation. You are opening yourself up to a huge risk by doing so as a single misparse results in SQL injection. If you are a developer: Disable PDO::ATTR_EMULATE_PREPARES if possible; If not, ensure you are on the latest version (PHP 8.4) and you do not allow null bytes in your queries." https://slcyber.io/assetnote-security-research-center/a-novel-technique-for-sql-injection-in-pdos-prepared-statements/

I still have an extremely annoying problem with TinyMCE Textureas, especially when used in combination with the commercial Combo field type. When working on a site with five combos Processwire randomly deletes the content of the field and saves a blank version, so that all the work is gone. This is totally unpredictable as it has nothing to do with the field I edit, the problem seems to appear randomly. I only see that all the text is deleted (and of course cannot be restored, especially if it was written days ago). Any idea what I a doing wrong? Thanks in advance (for saving me hours of work), Bernhard

I would not say a "rollback" is desirable, it is just that the new theme needs some more work because it is rough around the edges. Eg. when selecting pages in a Lister, the "label" showing the number of selections makes the list jump, which is bad UX but can be fixed with a display:"inline-block". Also, used to be shaded inputfield groups can have their background color back, etc... So while I agree that it is sort of half-baked, it can surely be made better.

@BrendonKoz it should just be a matter of replacing the module files with the new ones. Then do a modules refresh. Then go to the module config page to setup throttling features. It should install the new ProcessRequestBlocker module automatically, which will appear on the Setup top nav menu.

I'm dredging up an old topic here but had a need to go and look for something like this - not for a ProcessWire field - and ended up deciding TipTap looked like the best bet. It also turns out that Invisioncommunity (the forum software in use here) also uses TipTap: https://invisioncommunity.com/forums/topic/478170-invision-community-5-the-all-new-editor/ (so expect this forum to use that editor when we finally upgrade to v5 as there is no choice when upgrading forums unlike the unlimited choice you get in ProcessWire 😅). Now I am interested in a TipTap field for ProcessWire for a few article-heavy websites where we have mostly text but sometimes need to add in an image, a CTA block (some editable per article, some locked), image/text in a column with some settings and as far as I can tell TipTap allows for all of this because you can just build any widget you want and make them drag-droppable. Before I get too far down this rabbit hole has anyone investigated this sort of thing since 2019? Searching the word "editor" on the forum naturally returns a lot of results, many of which not actually related to alternative rich text editors I'm basically interested in the simplicity of having just one editor versus repeater matrix pages where it's not technically needed a lot of the time. I did also look at editor.js which looked really cool but that one doesn't seem to have been updated in years and TipTap is both open source and has some big customers so will still be here in a few years. my brain got confused because some folders were last changed 2 years ago but it is still in development and also looks good - possibly better in fact as the demo on the homepage is already more the way I envisioned.

Hi, I want to regex-replace terms with are stored in a simple text filed within a TinyMCE textarea value. Now I found that TinyMCE seems to encode entities differently than $sanitizer->entities() does. German "Umlaute" öäüÜÖÄ are encoded, but $sanitizer encodes quotes while TinyMCE doesn't. Is there a way to match the two encodings for reliable regex-replaces? Thanks $text = preg_replace("/(^|\s|>)".wire("sanitizer")->entities($member->title)."(\s|,|\.)/",'${1}<a href="'.$member->url.'">'.$member->title.'</a>${2}',$text); ^^ This successfully replaces names with umlauts like "Günter" but fails on people with nicknames like Jake "The Snake" 😉

Hey, The new version of PW (3.0.244/246) is great, and it uses TinyMCE 6.8. I saw that in this version of TinyMCE, there is a plugin that manages <detail> and <summary> tags. That was not possible in TinyMCE 6.4, used in the former version of PW (3.0.224). However, this plugin is not displayed in the TinyMCE input fields configuration interface. It’s just completely ignored. It can be activated though if you add it directly in the input field config in the database and it works perfectly. So it’s just a matter of user interface to get it straight in PW. Would it be possible to take it into account in the admin interface? That means see this plugin in the plugin lists of TinyMCE, and add the "accordion" button in the tool bar. Thanks

Hi, translations, populated from Fluency (2.1.1), for the title- and text-fields are not getting saved anymore, when they are in a builder block (RPB 6.5.1). An exception is, when it is a TinyMCE field. When I cut the translated string out and then paste back in (or typing it manual), then it gets also saved - what makes me question if that has maybe something to do with the changes in RPB 6.5 and 6.5.1. Also, when I choose the option to edit the field in a new window - as a "normal" ProcessWire page, then there also everything is working as expected. On an old version for RPB (5.4.3) and Fluency (1.0.7), everything works normal. Is there also, for future debugging, a way to "intercept" where the information of the field gets lost? The js-console of the browser seems not very helpful here. Everything looks normal, and the only feedback is the code 200 from the fluence request. Edit the field in a new window - as a "normal" ProcessWire page:

With InputfieldCKEditor there used to be the pwAssetPageID property that could be added to the Custom Config Options in the Input tab. It let you define a page whose image field was used by default when clicking on the Image button in the editor. This was very handy if you wanted to embed recurring images from a central page instead of uploading them to each page where you needed them. (I think the feature stopped working at some point, however.) Is there a way to achieve the same behavior with TinyMCE?

I would like to switch from TinyMCE to CKEditor. But I was stopped because I cannot implement a custom block element, like <div>. I need an extra element to be able to style some boxes within the content, normally for highlighting something, or a note. I ckeditor I was using a div and was able to allow it and even able to add a makeDiv button in the tools menu. Switching to CKEditor failed. I could not find out how to add a button for a custom tag. Is there a way? The disadvantage of using a <div> is, that the convenient filtering of divs had to be deactivated. While at it, I was thinking of using some other standard block element, like <section>, instead. (SEO does not matter). And the section got filtered by HTMLpurifier anyway. I found no way in Processwire to train HTMLpurifier to accept <section> as an additional tag. My workaround could be the use of HannaCode. But that is not as convenient.