Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>{$lang_fullscreen_title}</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<script language="javascript" type="text/javascript" src="../../tiny_mce.js"></script>
<script language="javascript" type="text/javascript">
function patchCallback(settings, key) {
if (settings[key])
settings[key] = "window.opener." + settings[key];
}
var settings = new Array();
// Clone array
for (var name in window.opener.tinyMCE.settings)
settings[name] = window.opener.tinyMCE.settings[name];
// Override options for fullscreen
for (var name in window.opener.tinyMCE.settings.fullscreen_settings)
settings[name] = window.opener.tinyMCE.settings.fullscreen_settings[name];
// Patch callbacks, make them point to window.opener
patchCallback(settings, 'urlconverter_callback');
patchCallback(settings, 'insertlink_callback');
patchCallback(settings, 'insertimage_callback');
patchCallback(settings, 'setupcontent_callback');
patchCallback(settings, 'save_callback');
patchCallback(settings, 'onchange_callback');
patchCallback(settings, 'init_instance_callback');
patchCallback(settings, 'file_browser_callback');
patchCallback(settings, 'cleanup_callback');
patchCallback(settings, 'execcommand_callback');
patchCallback(settings, 'oninit');
// Set options
settings['mode'] = 'exact';
settings['elements'] = 'fullscreenarea';
settings['ask'] = false;
settings['setupcontent_callback'] = 'setupContent';
settings['fullscreen_is_enabled'] = true;
settings['fullscreen_editor_id'] = window.opener.tinyMCE.getWindowArg("editor_id");
settings['theme_advanced_resizing'] = false;
// Init
tinyMCE.init(settings);
tinyMCE.documentBasePath = window.opener.tinyMCE.documentBasePath;
function setupContent(editor_id, body, doc) {
var inst = tinyMCE.getInstanceById(editor_id);
var content = window.opener.tinyMCE.getContent(tinyMCE.getParam('fullscreen_editor_id'));
// Setup title
var divElm = document.createElement("div");
divElm.innerHTML = tinyMCELang['lang_fullscreen_title'];
document.title = divElm.innerHTML;
// Get content
inst.execCommand('mceSetContent', false, content);
}
function unloadHandler(e) {
moveContent();
}
function moveContent() {
var doc = tinyMCE.isMSIE ? window.frames['mce_editor_0'].window.document : document.getElementById('mce_editor_0').contentDocument;
window.opener.tinyMCE.setInnerHTML(window.opener.tinyMCE.selectedInstance.getBody(), doc.body.innerHTML);
}
// Add onunload
tinyMCE.addEvent(window, "beforeunload", unloadHandler);
function doParentSubmit() {
moveContent();
if (window.opener.tinyMCE.selectedInstance.formElement.form)
window.opener.tinyMCE.selectedInstance.formElement.form.submit();
window.close();
return false;
}
</script>
<base target="_self" />
</head>
<body style="margin: 0; overflow: hidden; height: 100%" scrolling="no" scroll="no">
<form onsubmit="doParentSubmit();" style="height: 100%">
<textarea id="fullscreenarea" style="width: 100%; height: 100%"></textarea>
</form>
</body>
</html>