PHP"

This website contains links to software which is either no longer maintained or will be supported only until the end of 2019 (CKFinder 2). For the latest documentation about current CKSource projects, including software like CKEditor 4/CKEditor 5, CKFinder 3, Cloud Services, Letters, Accessibility Checker, please visit the new documentation website.

If you look for an information about very old versions of CKEditor, FCKeditor and CKFinder check also the CKEditor forum, which was closed in 2015. If not, please head to StackOverflow for support.

(question/suggestion - server side security)
 
Line 6: Line 6:
  
 
These variables will be available as editorInstance.Config.varName<br>  
 
These variables will be available as editorInstance.Config.varName<br>  
 
 
  
 
<br>
 
<br>
Line 14: Line 12:
  
 
$oFCKeditor-&gt;Width = '100%' ;<br> $oFCKeditor-&gt;Height = '200' ;<br> $oFCKeditor-&gt;ToolbarSet = 'Default' ;<br><br>
 
$oFCKeditor-&gt;Width = '100%' ;<br> $oFCKeditor-&gt;Height = '200' ;<br> $oFCKeditor-&gt;ToolbarSet = 'Default' ;<br><br>
 +
 +
<br>
 +
 +
It may be worth mentioning that you need to do some server-side security checking (which isn't included with FCKeditor if I am right?). Seeing you are likely to display the input from FCKeditor directly on some page as HTML, people could post some malicious javascript which would be executed for everyone visiting the page (for example stealing their session id's), right? --[[User:Froink|Froink]] 12:58, 21 July 2009 (UTC)

Latest revision as of 13:58, 21 July 2009

How to set config settings when instantiating:

$oFCKeditor->Config['varName'] = 'value';


These variables will be available as editorInstance.Config.varName


There are some settings that should be explained before the config options as they can be set only here, not in the config file:

$oFCKeditor->Width = '100%' ;
$oFCKeditor->Height = '200' ;
$oFCKeditor->ToolbarSet = 'Default' ;


It may be worth mentioning that you need to do some server-side security checking (which isn't included with FCKeditor if I am right?). Seeing you are likely to display the input from FCKeditor directly on some page as HTML, people could post some malicious javascript which would be executed for everyone visiting the page (for example stealing their session id's), right? --Froink 12:58, 21 July 2009 (UTC)

This page was last edited on 21 July 2009, at 13:58.