Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
Ask a Question

For editor plugins, should HTML be stored in the database?

+1 vote
1.3k views
in Q2A Core by
I'm looking at creating a Markdown editor for Q2A. Would it work better to store the HTML in the database or the plain Markdown. With the first method, we need to convert the HTML back to markdown for editing. For the latter, we need to convert markdown to HTML on the fly when the page is loading. Which is easier?

1 Answer

0 votes
by

I think this is a job for an editor and viewer module combined into one plugin. You should store the plain markdown in the database, and give it a new format value like 'markdown'. You can then render this format into text or HTML as requested, using your viewer module. Hopefully by the end of today the documentation about viewer and editor modules will be online.

Show 3 previous comments
by
Thanks for the info gid, that was spot on. The only extra thing I added was qa_sanitize_html on editor->read_post and viewer->get_html. The basic Markdown editor, sans toolbar, is working perfectly :)
by
OK regarding 2a: if we're outputting custom HTML, is there a function to get the textarea for you, with all the correct attributes? Obviously there are custom classes/sizes on there that maybe shouldn't be specified by my plugin.
by
First of all, just a hint: if your user is not providing HTML themselves, there is no need to use qa_sanitize_html(), since there's no way for the user to inject Javascript or other nasties. Certainly you shouldn't need it for HTML that you build yourself in your viewer.

As for your question about the textarea, I'm afraid it's not currently possible. You do of course have the option of returning a Q2A form element that describes a textarea, but this won't allow you to fully customize the HTML around it.

So for practical purposes I think you're fairly safe just hard-coding CLASS="qa-form-tall-text" (and whatever else is appropriate) in your HTML. It's true that someone's custom theme could render that CSS class meaningless, but in practice it's not very likely to happen.
by
Actually with Markdown you can use HTML, although the Markdown PHP library takes care of script tags and other nasty code. The main reason I'm using Q2A's sanitize function is to add nofollow to the links.

Everything seems OK in Firefox. Currently struggling with a weird bug in the WMD Javascript editor that only pops up in Chrome/Opera...
Snow Theme by Q2A Market
Powered by Question2Answer
...