WebsiteBaker Support (2.8.x) > jQuery

admin wysiwyg editor JSON save function

(1/4) > >>

imqqmi:
-- edit --

I've now added code and wrapper to a new package called json.zip. Please see this thread:
http://www.WebsiteBaker.org/forum/index.php/topic,26111.0.html

-- edit --
This modification to the wysiwyg editor allows you to save using JSON without reloading the page. This will save a lot of time waiting for the section to be saved and sent back to the modify page. This will also prevent you from accidentally loosing edits to other sections on the same page as the page doesn't reload.

Let me know if you like it!

Install instructions:
1. Download the file below
2. extract the contents to the /modules/wysiwyg folder

It will replace modify.php and add images and saveJSON.php

Please not that this will remove form tokens security. If securiry of cross script hijacking is a concern to you please don't install this modification. Use at your own risk.

This is not fully tested yet, please consider this beta material.

http://www.jmbfoto.nl/wysiwyg.zip

-- original message --

I'm trying to add a feature to save the wysiwyg contents dynamically using jquery JSON. So far I've managed to get the data saved from a page with a single section. When I use more than one section I can save only once with one section. All subsequent saves will result in an error (Security risk! Access denied!).

I understand that this has to do with a form token being incorrect. Before I get into the guts of the wb framework, is there anyone who knows a quick way to disable this security feature? I'm not too worried about getting hacked while I'm logged in.

I wanted to add the JSON save feature as I spend a lot of time with editing/saving multiple sections. I keep forgetting that the page reloads upon each save throwing away all the edits in other sections. Saving using JSON is so much faster as a page reload is not necessary, it also saves bandwidth.

If only I can get around the security issue. My guess is that a token should be possible for each form allowing it to be used multiple times. In effect that defeats the token feature for the most part so that's why I was thinking to just disable it.

I also often open multiple pages for editing (hold down control and click the pages in the admin/pages section) and copying back and forth and found that this security business has blocked this unfortunately. I can imagine this is good for a 'change your password' form but not really for the general editor pages.

If the admins (or anyone else) are interested in the code I'm happy to provide it.

Thanks for any help you might provide!

Kind regards
Josha

imqqmi:
Ok, solved it!

I just commented out the lines below from save.php in wysiwyg module:


--- Code: ---if (!$admin->checkFTAN()) {
//$admin->print_header();
throwjsonerror($MESSAGE['GENERIC_SECURITY_ACCESS']);
//$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
}

--- End code ---

I know it's less secure but I don't mind that too much. Maybe there's another way to implement this with dynamic save on a page (without a page reload).

dbs:
Hi, i'm very interested for testing your code.
Page-reloads are sooo retro. *g*

imqqmi:
Hi dbs!

There are 2 changed files and needs to be placed in /modules/wysiwyg folder.
http://www.jmbfoto.nl/wysiwyg.zip

A bit about the code:
In modify.php I've added jquery/javascript code to handle the sending of the form data. I've changed a bit in the form to make the save button not to submit by itself but start a javascript function. I've made sure that the section_id is added to the function the javascript is calling so that multiple sections sends the corresponding form data and report back (for this I added a div with id=message[section_id]).

The content of the fck editor field is requested and passed to content[section_id] hidden field. When this is sent through json the response of saveJSON.php will determine what will happen.
If it returns an error (success=false) the error message normally displayed by save.php is returned and displayed in the div id=message[section_id]. It's turned red and will not disappear.

When success=true is returned the save is complete and is reported in a green color. After 5 seconds it will fade so that a new click on the save button will indicate another successful save (otherwise there's no telling if it is just stuck or saved successfully).  It can be made more fanciful by replacing the text with symbols (running circle could indicate it is processing, checkmark = ok, X = not ok + error message.

I'm also considering, now that it can dynamically save the content, to add a save all button. maybe even when you hit any of the save buttons it saves everything on the page (all wysiwyg sections, the other section types like news can be changed into json but those I use less often).

Let me know if you find it useful!

Regards
Josha

dbs:
Hi, have tested local with WB Portable (Rev. 1638).
It works only with FCK-Editor?
After Save-button-click nothing happens, but Firebug says:
SyntaxError: JSON.parse: unexpected character (in jquery-min.js)

Navigation

[0] Message Index

[#] Next page