includes/clientside/tinymce/switcher.js
author Dan
Sat, 19 Jan 2008 00:47:52 -0500
changeset 447 a9a3789ce02d
parent 1 fe660c52c48f
permissions -rw-r--r--
Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix.

function readCookie(name) {var nameEQ = name + "=";var ca = document.cookie.split(';');for(var i=0;i < ca.length;i++){var c = ca[i];while (c.charAt(0)==' ') c = c.substring(1,c.length);if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);}return null;}
function createCookie(name,value,days){if (days){var date = new Date();date.setTime(date.getTime()+(days*24*60*60*1000));var expires = "; expires="+date.toGMTString();}else var expires = "";document.cookie = name+"="+value+expires+"; path=/";}
function eraseCookie(name) {createCookie(name,"",-1);}

function initSwitcher()
{
  if(readCookie('tmce_demo_mode') == 'tinymce')
  {
    switchToMCE();
  }
}

function switchToMCE()
{
  elem = document.getElementById('tMceEditor');
  tinyMCE.addMCEControl(elem, 'content', document);
  createCookie('tmce_demo_mode', 'tinymce', 365);
}

function switchToText()
{
  elem = document.getElementById('tMceEditor');
  tinyMCE.removeMCEControl('content');
  createCookie('tmce_demo_mode', 'text', 365);
}

function switchEditor()
{
  if(readCookie('tmce_demo_mode') == 'tinymce')
  {
    switchToText();
  }
  else
  {
    switchToMCE();
  }
}

window.onload = initSwitcher;

tinyMCE.init({
      mode : "exact",
      elements : '',
      theme_advanced_resize_horizontal : false,
      theme_advanced_resizing : true,
      theme_advanced_toolbar_location : "top",
      theme_advanced_toolbar_align : "left",
      theme_advanced_buttons1_add : "fontselect,fontsizeselect",
      theme_advanced_statusbar_location : 'bottom'
  });