S E R V E R   S I D E
View current page
...more recent posts

w00t. I successfully hacked jquery.markitup (1.1.9) to display it's preview (routed through previewParserPath) in a div rather than in an iframe (i.e., this is on the same page as the markitup textarea - so with previewInWindow not set.)

My problem was that my markitup'd textarea is on the same page where the content will be displayed (a textarea at the bottom of a column of comments.) With an iframe the previewed post does not get the styling of the parent page where it will be displayed when posted, so the preview doesn't necessarily match how the comment will look when posted. By displaying the preview in a div on the page I automatically get the correct styling (I just make the preview div have the same class as the divs holding the real comments.)

Sure, I could alter the script outputting the preview (the script at previewParserPath) to have the same styling as the comment page itself. But this is for a CMS where I don't know ahead of time what the styling of a page will be (since the styles are user changeable.) And I don't want the preview script to have to connect to the database and figure it out since this script gets hit *a lot* (on every enter key press in every comment textarea.)

I don't think anyone reads this blog, but if someone finds this through google I'd be happy to share my modifications.
- jim 1-20-2011 11:13 am [link] [2 comments]

It's true, xmlhttprequest posts are encoded as UTF-8, so a utf8_decode() is necessary if that's not the appropriate encoding. Will writing this here make me remember this? Who knows...
- jim 1-19-2011 12:00 pm [link] [add a comment]

Steve Jobs to Apple employees:

Team,

At my request, the board of directors has granted me a medical leave of absence so I can focus on my health. I will continue as CEO and be involved in major strategic decisions for the company.

I have asked Tim Cook to be responsible for all of Apple’s day to day operations. I have great confidence that Tim and the rest of the executive management team will do a terrific job executing the exciting plans we have in place for 2011.

I love Apple so much and hope to be back as soon as I can. In the meantime, my family and I would deeply appreciate respect for our privacy.

Steve

- jim 1-17-2011 2:19 pm [link] [1 comment]

And speaking of Markitup (see my last post) here is what I need to remember to do to modify the buttons in the toolbar (this is for 1.1.9 - I think 2.0 will have a more reasonable approach to this.)

To remove a button you must edit set.js and remove the buttons entry in 'markupSet:'. Then edit set.css and remove the corresponding button css entry. AND THEN ALSO renumber all subsequent css buttons, decreasing their count by one. So, for instance, if you remove the strike through button ( .markItUp .markItUpButton6 a ) you must then rename the next button - .markItUpButton7 - to .markItUpButton6. and .markItUpButton8 to .markItUpButton7, etc....

Not to be a wise ass (because I love Markitup!) but that's like how I would code something! Makes changing things a pain.
- jim 1-17-2011 12:57 pm [link] [add a comment]

I've spent the last few weeks looking into various textarea enhancements and replacements to make it easier for users to submit HTML formatted text to websites. I've never liked the full on wysiwyg textarea replacements (like tinyMCE or CKeditor). I think they shelter the user too much from HTML. I want to make it easier, but not hide the HTML completely behind the button bloat of a Microsoft Word clone. So I played with wmd-editor, which cleverly bills itself as a wymiwyg (what you see is what you mean) editor which inserts markup for you (in this case Markdown instead of HTML) while showing you a preview of the HTML alongside the textarea. Very nice idea. This is what stackoverflow.com uses. Here's a demo. Note that the contents of the textarea are displayed below the textarea, and the displayed HTML changes as you make changes in the textarea.

But as much as I tried to convince myself that Markdown was a good idea, I just couldn't swallow it in the end. It's no easier to read or to learn than plain HTML, so why not just use the real thing? Safety is one reason, but if you're sanitizing input with HTML Purifier (see last post) this reason loses a lot of it's value.

And also, as cool as the live preview is, it was causing me some problems depending on where the textarea was embedded on the page.

So finally I found Markitup which for me is perfect. It does Markdown, but also has a ton of other options, including HTML (also Textile, Wiki Syntax,, BBcode, or you can roll your own plug-in.) It has something similar to the wmd live preview, except instead of relying fully on javascript for the preview (which I was having trouble modifying because I'm not as fluent in javascript as I am in PHP), Markitup renders a preview on each return (or any time you want it to render by clicking on a preview icon in the toolbar). The preview is shown in an iframe using an ajax call to the server - this way I can process the text with my own PHP code (inserting <br> tags for line breaks, etc...) Perfect. I'm going to be rolling it out to one of my sites for testing this week and I'm incredibly hopeful about it. This is one of the last missing pieces for Geneva.

It's at version 1.1.9 now, but the sneak preview of version 2.0 is blowing my mind. Unfortunately I can't find any info on a release date. The last commits for 1.1.9 were in Oct of 2010. Hopefully it will be soon, as 2.0 has everything I want.
- jim 1-17-2011 12:50 pm [link] [add a comment]

HTML Purifier is incredibly awesome. It's a set of scripts you can run user submitted HTML content through before displaying on the web (or, better, before saving to the database so you only have to run it once on submitted content) and it will remove any non-whitelisted HTML tags, as well as foiling various possibly nefarious acts (e.g., script attributes on tags, etc...) It also does a great job of cleaning up unclosed tags so that individual posts don't screw up formatting of an entire page. Seems like a mandatory thing to have if you are accepting HTML content from users (and clearly if you accept from anonymous users.) It's just incredibly robust.

One issue I ran into though (it's pretty complex) is that URLs in links were being replaced by '%5C'. The problem was that I was running the HTML through mysql_real_escape_string before HTMLPurifier. You need to do HTMLPurifier first, and then mysql_real_escape_string. I have no idea why, but that is the case. Maybe this will help someone else.
- jim 1-17-2011 12:30 pm [link] [add a comment]

older posts...