Insert HTML code in WYSIWYG field

3 posts by 3 authors in: Forums > CMS Builder
Last Post: January 13   (RSS)

Hi

I wonder whether it is possible to insert HTML (and PHP) code into a WYSIWYG field as it can be done in a Separator type of field.

My code is the following:

<?php
// Ensure error reporting to catch potential issues
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Display the $RECORD array for debugging
//echo '<pre>';
//print_r($RECORD);
//echo '</pre>';

// Check if 'date_of_visit' exists and copy its value to a new variable
$dateOfVisit = isset($RECORD['date_of_visit']) ? htmlspecialchars($RECORD['date_of_visit']) : 'Ημερομηνία δεν είναι διαθέσιμη';
?>

request: <?php echo htmlencode(@$_REQUEST['date_of_visit']); ?>

<div>
<center>

<p>
Report
</p>
<div style="text-align: left;">
Athens
<?php
// Use the copied value
echo $dateOfVisit;
?>
</div>

<?php
// Display other fields
echo isset($RECORD['office']) ? htmlspecialchars($RECORD['office']) : 'Γραφείο δεν είναι διαθέσιμο';
echo ' / ';
echo isset($RECORD['type_of_visit']) ? htmlspecialchars($RECORD['type_of_visit']) : 'Τύπος επίσκεψης δεν είναι διαθέσιμος';
?>
</center>
</div>

Although the code's content is visible when inserted in the HTML block of a Separator type field, it produces a null when inserted into the WYSIWYG field as a default value. 

Regards, 

Andreas Lazaris

Hello Andreas,

WYSIWYG fields are typically piped through TinyMCE and any HTML/Code you put through it is restructured/reformatted to be proper HTML structure and not executed on the server side (this includes stripping out unrecognized tags such as PHP tags).

There are ways to get the editor to not filter out any PHP code (for instance to save it in the database) but it is advised to be very careful with this as you can easily introduce a security risk. If anyone is able to put PHP code into one of those fields and it is executed by your server, that would be bad.

Another option would be to have your code run PHP first and then put its output into the editor when it initializes. It all really depends on what you are trying to accomplish. :)

Tim Hurd
Senior Web Programmer
Interactivetools.com