Differences

This shows you the differences between two versions of the page.

--- plugin:ckeditor [2025/02/14 17:32] – [Settings page] duncanc
+++ plugin:ckeditor [2025/06/07 05:55] (current) – [Upgrade CKEditor] duncanc
@@ Line 13: / Line 13: @@
 ----
-This plugin provides CKEditor for editing messages and templates. It also integrates the KCFinder file manager to provide file uploading and browsing.
+This plugin provides CKEditor 4 for editing messages and templates. It also integrates the KCFinder file manager to provide file uploading and browsing.
+Both CKEditor 4 and KCFinder are "end of life", which means they do not receive any code fixes or security updates. The plugin uses the last freely available version of CKEditor 4, version 4.22.1. There is a paid-for version that does have security patches, see [[https://ckeditor.com/ckeditor-4/download/]]
 ===== Installation =====
@@ Line 52: / Line 54: @@
 The Settings page has a CKEditor group where you can configure the plugin.
+{{:plugin:ckeditor_1.png?nolink&500|}}
   * The URL of ckeditor.js
   * The path to a custom configuration file. This is the path from the web root.
-  * You can select to generate a full HTML page when editing a message. The message will then include ''<html>'', ''<head>'' and ''<body>'' elements. This setting defaults to ''No''. The plugin will always enable this setting for CKEditor when editing a template.
+  * You can select to generate a full HTML page when editing a campaign. The message will then include ''<html>'', ''<head>'' and ''<body>'' elements. This setting defaults to ''No''. The plugin will always enable the CKEditor setting for CKEditor when editing a template.
-  * Whether to disallow javascript. The default setting is ''Yes'' in which case ''<script>'' elements, ''onclick'' and similar attributes, and ''<iframe>'' elements will be removed by CKEditor. This helps to reduce the effect of editing malicious HTML.
+  * Whether to disallow insecure features such as javascript. The default setting is ''Yes'' in which case ''<script>'' elements, ''onclick'' and similar attributes, and ''<iframe>'' elements will be removed by CKEditor. This helps to reduce the effect of editing malicious HTML.
   * If using the Dressprow theme, the width and height of the editor window can be specified.
   * The path to KCFinder. This is the path from the web root or a relative path from the ''admin'' directory.
@@ Line 87: / Line 90: @@
 ===== Upgrade CKEditor =====
-The plugin will not automatically upgrade to a new release of the CKEditor package. To see whether there is a later release, or to use either the Basic or the Standard package, visit the CKEditor CDN section [[https://ckeditor.com/ckeditor-4/download/|https://ckeditor.com/ckeditor-4/download/]], then modify the setting "URL of ckeditor.js" on the Settings page.
+CKEditor 4 became end-of-life in June 2023 which means it has had no further updates or security fixes since then. The plugin uses the final free version of CKEditor, 4.22.1.
 ===== Upgrade KCFinder =====
@@ Line 94: / Line 97: @@
 The plugin includes KCFinder 3.20 but the KCFinder package is no longer developed or supported.
-===== Upgrade from phplist 2.10.x with FCKEditor =====
-In phplist 2.10 the FCKIMAGES_DIR value in config.php defines the directory into which images will be uploaded. The value is relative to the phplist root directory.
-In phplist 3.x a different value, UPLOADIMAGES_DIR, is used to define the directory. This value is relative to the web root, not to the phplist root directory. To continue using the same upload directory you must set UPLOADIMAGES_DIR correctly. So, for example, if the existing image upload directory is ''/lists/uploadimages'' then the FCKIMAGES_DIR would be ''uploadimages'' but the value for UPLOADIMAGES_DIR would be ''lists/uploadimages''.
 ===== Issues =====
@@ Line 134: / Line 132: @@
 If you cannot resolve the problem then a work-around is to change one line in the KCFinder config file, setting ''disabled'' to ''false'', as explained in the [[http://kcfinder.sunhater.com/secure#access|KCFinder documentation]].
-==== Only a template or a message can be edited as a full HTML page, not both. This message will use only limited HTML. ====
-By default, CKEditor allows only a limited set of HTML elements to be used. If you want it to generate a full HTML page, including the structural elements (''head'', ''body'' etc), then one of the settings "Allow templates to be edited as full HTML pages" or "Allow messages to be edited as full HTML pages" needs to be enabled in the CKEditor section on the Settings page.
-When one of those settings is enabled, CKEditor will ensure that the HTML structural elements are present, even if not entered directly. This means that it is not sensible to edit both templates and messages as full HTML pages because both will include structural elements leading to badly-formed HTML when a template includes a message using the [CONTENT] placeholder.
-If both of those settings are enabled then the one for templates takes precedence, and CKEditor will allow only limited HTML when editing a message.
-If you want to create only full page HTML messages and do not use templates then set "Allow templates ..." to No and "Allow messages ..." to Yes.
 ====== Support ======
 Please raise any questions or problems in the user forum https://discuss.phplist.org/

Tools

menus and quick search

quick search

site status

location indicator

Page Tools

meta data for this page

Differences