Post by Scribe » Thu Oct 13, 2011 8:48 pm

Hi guys,

Whenever I attempt to insert a php line into the welcome screen module, it appears to comment it out, i.e.:

<?php include '../rss/rss2html.php'; ?>

becomes

<!--?php include '../rss/rss2html.php'; ?-->

Any ideas how to accomplish this?

Many thanks

New member

Posts

Joined
Sun Feb 13, 2011 11:12 am

Post by uksitebuilder » Thu Oct 13, 2011 10:19 pm

You cannot enter HP directly in to modules via the admin interface.

Edit the template files directly

ImageImageImageImageImage

For Friendly Professional Support - Click Here


User avatar
Guru Member

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by Scribe » Fri Oct 14, 2011 1:54 am

uksitebuilder wrote:You cannot enter HP directly in to modules via the admin interface.

Edit the template files directly
The only problem is that it needs mixing in with the welcome message, I'd lose the ability to edit the message, which is fine for me but not other cart users.

I've added config.protectedSource.push( /<\?[\s\S]*?\?>/g ); to the CKEditor config file which prevents the admin panel from commenting out the code but when it comes time to display it on the front page of the site it still comments it out. Am I missing something here?

New member

Posts

Joined
Sun Feb 13, 2011 11:12 am

Post by Xsecrets » Fri Oct 14, 2011 2:44 am

how many people are you going to have editing the admin of your cart and using php to do it? If you really have that many people doing it then it's an even more important security feature, which is why you can't do it in the first place. It's dangerous.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by Scribe » Fri Oct 14, 2011 6:03 am

Xsecrets wrote:how many people are you going to have editing the admin of your cart and using php to do it? If you really have that many people doing it then it's an even more important security feature, which is why you can't do it in the first place. It's dangerous.
I will be putting the php in place but other editing will be of other visual elements, it's the ease of access that's important. I'm quite happy with the security element of those who have access to it. It's not about number of people, it's about me not wanting to give ftp access and just one person not being comfortable with editing and uploading files isn't good enough.

New member

Posts

Joined
Sun Feb 13, 2011 11:12 am

Post by uksitebuilder » Fri Oct 14, 2011 4:46 pm

Well there is nothing out of the box to do this, no extensions that I know of

You would need to get a developer to add this functionality.

Maybe post on the Commercial Support forum or contact a Partner from our Partners page

ImageImageImageImageImage

For Friendly Professional Support - Click Here


User avatar
Guru Member

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by SXGuy » Fri Oct 14, 2011 6:56 pm

i read somewhere of a plugin to ckeditor allowing php tags to be used, i tried it but failed to get it to work.

Active Member

Posts

Joined
Sun Nov 08, 2009 2:07 am

Post by uksitebuilder » Fri Oct 14, 2011 6:58 pm

That's because OpenCart sanitizes the code before it reaches the database

ImageImageImageImageImage

For Friendly Professional Support - Click Here


User avatar
Guru Member

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by spikeachu » Fri Oct 14, 2011 8:00 pm

Can you enter something like ##PHP_HERE## in the ckeditor then use str_replace in the controller?

Wedding Invitations and Stationery by Love2print

Commercial Mods
Product Colours on Category Page
Cardsave Direct Gateway
Clear Cache
Promotional Watermarks on Images
Multiple Category / Product Templates ** Popular **
Log Failed Login Attempts
Display Eligible Coupons with Products
Twitter Feeds

Have I helped you out or saved you some time? Please donate


Active Member

Posts

Joined
Fri Mar 12, 2010 6:31 am

Post by uksitebuilder » Fri Oct 14, 2011 8:34 pm

That would simply print out the php code to screen

You would have to str_replace and then eval the result which i highly advise against for security reasons - eval() is evil!

ImageImageImageImageImage

For Friendly Professional Support - Click Here


User avatar
Guru Member

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by spikeachu » Sat Oct 15, 2011 12:55 am

Sorry, I wasn't clear.

I meant to run your PHP code within the controller, then output the result (not the actual code) to the desired place by putting a place holder in ckeditor.

I agree, using eval gets messy and problematic.

Wedding Invitations and Stationery by Love2print

Commercial Mods
Product Colours on Category Page
Cardsave Direct Gateway
Clear Cache
Promotional Watermarks on Images
Multiple Category / Product Templates ** Popular **
Log Failed Login Attempts
Display Eligible Coupons with Products
Twitter Feeds

Have I helped you out or saved you some time? Please donate


Active Member

Posts

Joined
Fri Mar 12, 2010 6:31 am
Who is online

Users browsing this forum: Bing [Bot] and 59 guests