Does Joomla have shortcodes like Wordpress? - javascript

In wordpress we have shortcodes that let us place info inside html without using any programming like php or javascript. That's a great feature, as it allow us to be safer when we need to do simple things.
Example (Not real, just an example!), let's say I have the following text The current user is [myusername], and is allowed to do all sort of things in the website. inserted in WYSIWYG editor, while editing an article, then I save and open the article on the site's frontpage, here's what I get:
The current user is admin, and is allowed to do all sort of things
in the website.
Get it?
I wonder if joomla has something like that too. Any ideas?
UPDATE: The only shortcodes I know in Joomla are template related and are for styling only.

Natively Joomla! (3.4) doesn't implement shortcode in content input.
However, you can easily add this feature with an extension. If you google something like "joomla extension shortcode" you will find multiple solutions. Shortcode Ultimate seems to be what you are looking for.
Moreover, some extensions propose their own shortcode system (for example the excellent component for newsletter, Acymailing) for their particular purpose.

Related

Can a Wordpress Plugin be Converted For Use On Non WP Website?

I want to be able to validate SEO rules on a html form. E.g. Check keyword is in title, images have alt tags etc. Wordpress has a brilliant tool for this(Yoast SEO for Wordpress), but i checked the website and they dont have a standalone download. I also cant find any tool to do this elsewhere so before i write it myself i want to see if i can pull it from this plugin.
All i need is the jquery side of this tool (I just want it as a guideline not as a requirement).
I have been able to get all of the Javascript and css files by looking at the page source from a Wordpress site, but there is a lot of other stuff within the page including 126 refrences to "seo" so its going to be a big job to extract all of the information that i need.
yes it can be converted to be used on any php website, but you need to change things in that plugin according to the Non WP sites so that it can be used on Non WP sites. You also need to find substitute functions for that plugin for the functions that are wordpress specific.

Replacing Blogger template with external code

The story is - I'd like to make some changes on my Blogger template but I don't want to do it in a way it could make my readers see what I'm doing.
So, I was thinking about using Greasemonkey or some kind of Firefox add-on to replace all the code in template just for current session and my browser since I'm the one using the script/add-on.
Is there a way to remove all the HTML visible in Bloggers's Template Edit HTML with one I provide in script?
Thanks!
It is always better to create a test blog for experimenting with designs. This is what almost all the webmasters do. You may also use some offline editors such as Adobe Dreamweaver.

Javascript in MediaWiki

I'd like to use some Javascript on my wiki pages, but I haven't been able to figure out how. I'm using a hosted solution on Wikia. So I am unable to modify the installation, add extensions or hack the settings. But I have admin rights on my wiki so I can access the MediaWiki namespace and MediaWiki:Common.js.
The javascript I want to use (Tangle) will consist of an external script that will be common to a number of pages(but not all pages in the wiki) and some code that will be specific to each page, the kind you would normally put inline in the <script> tag.
The trouble is, Mediawiki sanitizes <script> tags, and I haven't been able to find a way to put them in. I'm trying to make this into an editor-friendly setup that will be used across the wiki, so I'm also trying to avoid hacks and find a proper solution.
Update: New problem
Apparently MediaWiki also sanitizes the HTML5 data attributes, which Tangle relies on heavily. Any ideas on solving that problem is very welcome.
MediaWiki doesn't allow <script> tags in pages for obvious reasons: if it did, anyone could use them to inject JavaScript into your wiki and e.g. steal login credentials.
There are a couple of things you could do:
Write some generic JavaScript code to extract the parameters from something that is allowed on MediaWiki pages, such as a hidden <div>. Be careful not to introduce security holes when doing that.
Add something like this to MediaWiki:Common.js:
importScript('MediaWiki:Tangle/' + wgPageName + '.js');
Then, whenever a user visits the page "Foo", the page "MediaWiki:Tangle/Foo.js" will be loaded as JavaScript. Of course, that page will only be editable by admins, but that might still be enough for your needs. (You could use the same trick to import JS from pages in other namespaces, but that would open a security hole miles wide.)

newbie question about javascript embed code?

I am a javascript newbie. I am trying to write a requirements document, and need some help describing what I am looking for. We want our application to generate a javascript snippet like this:
<script src="http://www.jotform.com/jsform/10511502633"></script>
This will load a web form.
So my question is:
- How does a single script load an entire web form? Is this a JSON?
- What is this called? Is this a cross browser javascript?
- Can anyone point me in the direction of learning more about what this is?
Thank you for your help!
The javascript file is just hosted on an external site. It appears to be dynamically generated, so feel free to use some fancy words ;) But basically, you just include it here, as if it was on your own site.
You could say "The application will generate the required script-tags to include dynamically generated javascript file from an external, third-party site".
Offcourse you need to take special cautions for cases when the include won't work, because the other site is not reachable (site is down, DNS does not work, file is moved on other webserver, your application is on an intranet/behind a proxy/firewall...). Why can't you copy their file and mirror it locally? Or use a reliable Content Delivery Network, like Google or Amazon.
There are many names for this type of inclusion. The most common being widget.
What does it actually do:
take an id of some sort as parameter
use the id to fetch some specific data (most likely from a database)
generate some js and html based on the id/data
usually this involves iframes of some sort.
To use a script rather than an html iframe has multiple advantages
you can change what is actually delivered to the users browsers without changing the include
you can resize the iframe to fit certain predefined sizes
you can inject the necessary things into the page the widget is included (of course you need to make sure this is sanctioned)
We use this all the time and we never regreted it.
If you don't want to build the widget infrastructure yourself you can always use one of the widget providers like widgetbox:
http://www.widgetbox.com/widgets/make/
With those you are up and running in no time.
This is typically called a script include.
Google have lots of these types of items, and even they call them by many names,
widgets, custom javascript, snippets, custom code, etc. It really depending on who you are writing for... I would go with "cross platform embeddable javascript code" meaning that it would need to load all its dependancies. Also specify which browsers need to be supported and what should happen is the user has javascript turned off.
EDIT :
Actually since we are talking unique IDs, you will need 2 parts probably, the user/site unique "cross platform embeddable javascript code" and whatever serverside code to support it. Basically this is an API that is accessed using your own javascript widget. Feel free you point to examples in your requirements document, programmers love examples.

rich text editing, prevent embeded javascript code

I made a website using the famous symfony framework. I wanted to add rich editing feature to it. And I found TinyMCE editor. But there comed a problem: how about the user embed some javascript code into the content? such as alert('hello world').
I tested wordpress, which is a very famous blog software. It faces the same problem. example.
It is no big deal if some one embed an alert script. But what if they embed some dangerous code? Have you encountered the same problem? Should I use markdown instead of html? Any good widget for markdown editing?
It's a good idea to use an existing library to clean out your user input, the html purifier project: http://htmlpurifier.org/ seems maintained and well made.
Don't allow any embedded javascript in your user input. This is easy to clean out either on the client or the server. Have a "white list" of HTML tags you support, and remove any event listener attributes from whatever you do allow.

Categories

Resources