Currently I am using ckEditor with ckFinder in Symfony. When I save a form the HTML is saved (seemingly so) properly in the database. When I query through symfony and retrieve the results, the html tags are removed and replaced. Can I prevent this? Below is an example of what is in the database. I tried putting in what the HTML Shows but the current eidtor translates it
Database shows:
<p> Test</p> <p> <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="quality" value="high" /><param name="movie" value="/uploads/flash/test1.flv" /><embed pluginspage="http://www.macromedia.com/go/getflashplayer" quality="high" src="/uploads/flash/test1.flv" type="application/x-shockwave-flash"></embed></object></p>
Actaul HTML (Note I replaced all ; with __ as the editor was translating it to the the above otherwise):
<__p>__
Test<__/p>__
<__p>__
<__object classid="__clsid:d27cdb6e-ae6d-11cf-96b8-444553540000"__ codebase="__http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"__>__<__param name="__quality"__ value="__high"__ />__<__param name="__movie"__ value="__/uploads/flash/test1.flv"__ />__<__embed pluginspage="__http://www.macromedia.com/go/getflashplayer"__ quality="__high"__ src="__/uploads/flash/test1.flv"__ type="__application/x-shockwave-flash"__>__<__/embed>__<__/object>__<__/p>__
you must have automatic output escaping turned on and echo the result of your query in a templates I guess. Read here what automatic output escaping is and how the use of the ESC_RAW constant or of the getRaw() method can help you.
Related
Please review this page.
The embedded video plays when the page is viewed on a mobile device but not when viewed on a computer (tested on two laptops running Windows 8 and 10, on Chrome, FF, and Edge).
This issue only exists with YouTube videos and the problem began 48 hours ago (approx.)
For example, see this YouTube URL (no video is being loaded):
http://www.youtube.com/v/RCsJHHUkisw&rel=0&color1=0x054b81&color2=0xe2e2e2&hd=1&showinfo=0&enablejsapi=1&playerapiid=ytplayer&fs=1
I have managed to handle this problem by rewriting the emvideo module.
I am currently using the module version = "6.x-1.26".
I didn’t take the time to change the entire module;
I changed only the parts I needed:
All the changes were made in this file:
\sites\all\modules\emfield\contrib\emvideo\providers\youtube.inc
In function theme_emvideo_youtube_flash line 444 I changed the line
$url = check_plain("http://www.youtube.com/v/$code&$related$autoplay_value$colors$border$high_quality$display_info$enablejsapi$fs");
to
$url = check_plain("https://www.youtube.com/embed/$code"); .
What I did was to look at the youtube embed code and try to make the link look the same.
Next step was to change the FLASH output, in line 566 function
theme_emvideo_youtube_default_external and change the next content:
<div id="$div_id">
<object type="application/x-shockwave-flash" height="$height" width="$width" data="$url" id="$id">
<param name="movie" value="$url" />
<param name="allowScriptAccess" value="sameDomain"/>
<param name="quality" value="best"/>
<param name="allowFullScreen" value="$fullscreen_value"/>
<param name="bgcolor" value="#FFFFFF"/>
<param name="scale" value="noScale"/>
<param name="salign" value="TL"/>
<param name="FlashVars" value="$flashvars" />
<param name="wmode" value="transparent" />
</object>
</div>
To
<div id="$url"><iframe width="$width" height="$width" src="$url" frameborder="0" allowfullscreen></iframe></div>
And that’s all…
Hope it helps a bit…
The following should be pretty close to a drop-in replacement for what's currently being served on the page referenced in the question (the object tag with id emvideo-youtube-flash-2):
<iframe id="ytplayer" type="text/html" width="590" height="499"
src="https://www.youtube.com/embed/Je2vE5RLJ6o?rel=1&showinfo=0&enablejsapi=1&fs=1&origin=http://www.islandcricket.lk/"
frameborder="0" allowfullscreen>
A few things about the implementation currently being served:
Using object tag and the embed URLs of the form youtube.com/v/video id (which only serves a Flash player, not HTML5) to embed YouTube videos has been deprecated for over a year.
the player parameter hd is deprecated. The iFrame player (used in the above code), will automatically chose the best quality to display based on a variety of parameters. If you wish to control this you can use the Javascript API.
the rel, showinfo, enablejsapi and fs parameters should continue to function as they have in the previous implementation (parameter documentaion here)
The allowScriptAcess parameter set to sameDomain in the current implementation is replaced by the origin parameter and should be set to the URL severing the webpage (documented here)
Screenshot of the above code working on islandcricket.lk tested via webdev tools:
I have taken over this ColdFusion project and found that I need a value out of a database field that includes HTML. The field data looks like this (without the new lines):
<wddxPacket version="1.0">
<header />
<data>
<struct>
<var name="en">
<string>3 Nights' Lodging</string>
</var>
<var name="sp">
<string>3 Noches alojamiento</string>
</var>
</struct>
</data>
</wddxPacket>
I am wanting to use this data but I only need the text between the:
<var name='en'><string>3 Nights' Lodging</string></var>
I used a function that ColdFusion has to remove HTML:
#REReplaceNoCase(pkg.title, "<[^><]*>", '', 'ALL')#
But when I use that, I get something like this:
3 Nights' Lodging3 Noches alojamiento
All I want is:
3 Nights' Lodging
Examining the beginning of the string, ie <wddxPacket ...> it is actually WDDX.
If you do a search for ColdFusion + WDDX you will find the documentation for CFWDDX. It is a built in tag which supports conversions of WDDX strings to CFML objects (and vice versa) for easier manipulation. In your case use action="wddx2cfml" to convert the string back into a CF structure.
<cfwddx action="wddx2cfml" input="#text#" output="result">
<cfdump var="#result#" label="Raw object">
Then use the key #result.en# to grab the string you want.
Let's take this simple HTML:
<html>
<body>
<!-- Object Tag For the Audio Player -->
<object id="mpAudio" width="100%" height="100%"
classid="CLSID:6BF52A52-394A-11d3-B153-00C04F79FAA6"
type="application/x-oleobject" align="middle">
<param name="URL" value="http://servername/media/Alt.TÉst/default.wav" />
<param name="AutoStart" value="True" />
<param name="UIMode" value="Full" />
<param name="EnableContextMenu" value="True" />
<param name="WindowlessVideo" value="True" />
<param name="Mute" value="False" />
</object>
</html>
Notice in the URL there is this unicode character: É
When I open that html file, the audio plays as a garbled mess. Of note, in some older VM I have (for random IE6 testing), which has an O/S of 2003 Standard Edition, an IE 6 browser, and Windows Media Player 6.4.09.1130 .. it works, fine! My testing where it's a garbled mess, involves Windows 7, IE 10, and WMP 12.0.7601.17514
I thought the solution may be % encoding the URL. That's even worse. The encode became: http%3A%2F%2Fservername%2Fmedia%2FAlt.T%C3%89st%2Fdefault.wav
And I went from at least being able to play a garbled mess, to not playing anything at all.
One other test:
Taking the non-encoded url and putting it in Firefox, opens the wav (so Firefox is OK with the unicode character). Taking the encoded url, I get "server not found". I guess I don't know how to encode!
Barring eliminating unicode for data entry (these URLs are generated from Username's, where in some locales they allow unicode characters in the name), how do I make this work?
Thanks.
I thought the solution may be % encoding the URL. That's even worse. The encode became: http%3A%2F%2Fservername%2Fmedia%2FAlt.T%C3%89st%2Fdefault.wav
The solution should be to URL-encode path components, rather than the whole URL. You want to end up with:
http://servername/media/Alt.T%C3%89st/default.wav
Although, I would have expected the fail case to get a 404 and just not play anything—garbled audio is a weird result. There might be a different issue as well?
i have a file name that contains spaces: bw3 - Copy_1340627264571.jpg
and i use this name to load the image as follows:
<h:graphicImage value="/#{myBean.imageFolder}/#{image.name}" width="30" height="30" style="border:0;"/>
this is translated to:
<img width="30" height="30" style="border:0;" src="/MyAPP/image/bw3+-+Copy_1340627264571.jpg">
while if i tried to print the name in outputText, it's printed correctly:
<h:outputText value="#{image.name}"/>
this is translated to:
<span id="myForm:viewImagesTable:0:_t68">bw3 - Copy_1340627264571.jpg</span>
any ideas how to fix that ?
This seems to be a bug in <h:graphicImage>. Spaces in request URI should be URL-encoded as %20 using java.net.URI and spaces in request query string should be URL-encoded as + using java.net.URLEncoder. It seems that <h:graphicImage> encodes the entire URI using java.net.URLEncoder.
Better replace them yourself beforehand:
<h:graphicImage value="/#{myBean.imageFolder}/#{image.name.replace(' ', '%20')}" />
Or, much better, don't allow spaces in filenames at all. When it concerns uploaded files, replace them by _ or something before saving.
Note that this has nothing to do with EL as your question tagging suggest.
I'm trying to change values in my application.properties file and I'm running into issues with an extra "\" character when trying to substitute url addresses. It doesn't happen when I'm replacing regular text.
Here's the section of the properties file I'm attempting to modify:
# Web Info
web.url=http://www.testaddress.com
web.user=TestAccount
Here's the section of my script that's not working correctly:
<propertyfile file="application.properties">
<entry key="web.url" operation="=" value="${webaddress}" />
<entry key="web.user" operation="=" value="${username}" />
</propertyfile>
What happens is that the web.user is replaced just fine but the address comes out looking like so:
# Web Info
web.url=http\://www.realaddress.com
web.user=RealAccount
I can't account for the backslash, if I echo the ${webaddress} variable it doesn't have it. Any idea as to what may be going on?
Thanks.
Check out the "store" method of the Properties object. The javadoc specifically states:
The key and element characters #, !,
=, and : are written with a preceding backslash to ensure that they are
properly loaded.