Joomla Text Filter Settings have no effect on Virtuemart?

Started by rjcroasdale, March 24, 2016, 13:00:47 PM

Previous topic - Next topic

rjcroasdale

Hello all :) Happy Easter to all that applies.

I have managers who wish to use no wysiwyg and manually add img and p, with style attributes. Joomla has specific filters, which are configurable as white list, black list and custom etc, I can see these in /libraries/joomla/filter/input.php (futher info on Settings below).

It seems however that none of these setting affect the Virtuemart filtering of such tags and attributes. With no wysiwyg, the Joomla Text Filter Settings set to allow img, p and style attributes, Virtuemart seems still to strip out these elements from the product_description e.g. <p><img src="/images/stories/test.jpg"/></p>

It seems VM uses htmLawed 1.1.10 to sanitize, (/administrator/components/com_virtuemart/helpers/vmfilter.php), if so - is this instead of using Joomla filters?

If that is the case, is this the right file to edit to allow managers to use img and p tags?

If not, any guidance appreciated...
Thank you
Regards to all
>zB
Joomla 3.4.8, VM 3.0.12


Joomla 3 Text Filter Settings Info




1. Black List allows all tags and attributes except for those in the black list.
-- Tags for the Default Black List include: 'applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'
-- Attributes for the Default Black List include: 'action', 'background', 'codebase', 'dynsrc', 'lowsrc'
-- You can black list additional tags and attributes by adding to the Filter Tags and Filter Attributes fields, separating each tag or attribute name with a comma.
-- Custom Black List allows you to override the Default Black List. Add the tags and attributes to be black listed in the Filter Tags and Filter Attributes fields.

White List allows only the tags listed in the Filter Tags and Filter Attributes fields.

No HTML removes all HTML tags from the content when it is saved.

Please note that these settings work regardless of the editor that you are using.
Even if you are using a WYSIWYG editor, the filtering settings may strip additional tags and attributes prior to saving information in the database.

2. List additional tags, separating each tag name with a space or comma. For example: p,div,span.

3. List additional attributes, separating each attribute name with a space or comma. For example: class,title,id.

rjcroasdale

OK so silly me. After going through all the code, followin up on a couple of different scripts that seemed to filter stuff, finding the auth sections etc.... ANYWAY! just needed to go to permissions, COM_VIRTUEMART_ALHTML and enable that. Done.