Javascript in description

[webbenny]

Hello!

 

I'm wondering if there is a way to use plain javascript in a product description? Like:

<script type="text/javascript">
var myString = "test";
</script>

If I use the MCE "HTML" function I receive an error if I save the description.

I've searched the forum but didn't found more then insert a external javascript via the template.

Btw. the forum search doesn't allow javascript as searchstring?! Only "javascript".

 

Thanks!

[vekia]

you need to extend tiny mce features. after that - it will work as you expected. 

what ps version you use?

[webbenny]

My Version is PrestaShop™ 1.5.5.0

[webbenny]

Ok, I've modified the tiny mce init with the property

extended_valid_elements: "script",

and

extended_valid_elements: "*[*]",

(yes I know this is bad for security reasons, but it's only for testing purposes)

 

But both did not work. I don't think it's a tiny mce message because the message apperas in a red box after i save the product description. It's definitiv a presta message.

[vekia]

okay, so now: 

 

in class Validate.php at line 405 there is this check:

if (!$allow_iframe && preg_match('/<[\s]*(i?frame|form|input|embed|object)/ims', $html))

add there script and any other markups you want

 

 

but it is necessary to change tinymce too. if you will remove extended_valid_elements: "*[*]", tiny mce will automatically remove scripts etc.

[webbenny]

Wow great, that's the file I was locking for!

Sorry, I don't know the code exactly. But I believe that's line 402 in classes/Validate.php which is the problem.

Line 405 has only the "blacklisted" elements if iframes are not allowed.

if (preg_match('/<[\s]*script/ims', $html) || preg_match('/('.$events.')[\s]*=/ims', $html) || preg_match('/.*script\:/ims', $html))
                        return false;

I think that preg_match('/<[\s]*script/ims', $html) and/or preg_match('/.*script\:/ims', $html) raise an error.

 

A general question: Is this new in Presta 1.5.5.0 because my Javascript worked well in previous versions?!

[amar.prestashop]

Hi,

 

I've just update the PS from v1.4.5.1 to v1.5.5.0

I was using an AJAX Javascript to import an external HTML on to my long description ( i dont use iframe for SEO purpose ), as you can see :

http://www.genuineluxuryoutlet.com/en/belts/28-hermes-style-tortora-italian-saffiano-belt.html

 

But if i try to modify my items or add a new item for security reasons Tiny MCE don't allow to save the product.

How can i disable this security function, i've read the post but it's not clear for me.

Do you have any suggestion ?

 

Thanks

Amar,

[vekia]

this is what you're looking for: full featured tinyMCE editor

[amar.prestashop]

Thank you Vekia,

 

Your given me another solution

 

Amar,

[Nikolas Reissis]

this is what you're looking for: full featured tinyMCE editor

 

Great solution! Thanks 

[john king]

<script type="application/ld+json">

{ 

"@context" : "http://schema.org",

"@type" : "Organization",

"name" : "{$shop_name|escape:'html':'UTF-8'}",

"url" : "{if isset($force_ssl) && $force_ssl}{$base_dir_ssl}{else}{$base_dir}{/if}",

"logo" : {

"@type":"ImageObject",

"url":"{$logo_url}"

}

}

</script>

 

tinymce allow script but i paste this code but save below type code

 

<script>// <![CDATA[

//--><![CDATA[//><!--

// 

{ 

"@context" : "http://schema.org",

"@type" : "Organization",

"name" : "{$shop_name|escape:'html':'UTF-8'}",

"url" : "{if isset($force_ssl) && $force_ssl}{$base_dir_ssl}{else}{$base_dir}{/if}",

"logo" : {

"@type":"ImageObject",

"url":"{$logo_url}"

}

}

//--><!

// ]]></script>

 

 why change script type