
Originally Posted by
RodG
"Have a custom field for video code in the new_product admin."
What is your definition of 'video code' ? Is it the video itself, a direct link to where the video is located, or perhaps an iframe with embedded code (either a link to the source, or the video itself) ?
It is the standard embeddable iframe provided by youtube when you click embed. Looks like this:
Code:
<iframe width="853" height="480" src="//www.youtube.com/embed/qpgTC9MDx1o" frameborder="0" allowfullscreen></iframe>
The old embed code from them used to be an object.

Originally Posted by
RodG
"Everything used to work fine before switching to Godaddy's (ugh)"
I think this is a good clue as to why it no longer works, don't you?
You mean because godaddy sucks? Yeah.

Originally Posted by
RodG
"They say it's a mod_security setting"
This can also be many different things. For instance, are they disallowing links to certain sites, or perhaps a particular type of file, or maybe just iframes (which really should be avoided anyway).
It's likely iframes. The point is though that iframes work in the regular product description field, just not in the custom field now since moving to C-Panel.

Originally Posted by
RodG
"I can log into myphpadmin and add the iframe there directly"
This suggests that you are adding the code for an iframe with embeded data, directly into the database. This generally isn't how iFrames are added to a page/pages.
Where did you get the information to do it this way?
What I meant was that I was testing it and added the iframe embed code in the database directly instead of via the ZC new product admin and the embed code displays on the front end just as it should. So my code is working properly, it's just not letting the iframe embed code write from my custom field in admin to the database table.

Originally Posted by
RodG
"and it works."
phpmyadmin is generally 'local' to the server that it is being used on, so if by 'it works' you mean the phpmyadmin is showing the iframe/video that would be because the mod_security rules are typically designed to restrict certain access requests from a remote host and since the phpadmin access is 'local' the same rules may not apply.
Exactly, something about how the custom field writes to the database is being blocked by mod_security, but how the normal product description field writes is not being blocked. I guess it means I need to make a change to the custom field code in collect_info.php

Originally Posted by
RodG
"The odd things is that adding iframe video code to the regular product description field works just fine."
So why not use this method?
The reason for making an entirely separate custom field is so that you can have more control over displaying using the information in that field. If the video code is added to the product description field, then you are limited as to what you can do with it and where you put it, specifically if the product description field is already being used for other stuff.

Originally Posted by
RodG
What happens if the "something" you type in the text box is the same as whatever it is the "custom field is adding to the database"? if 'something is happening' with it then surely you'd be able to look at what has gone into the database to see what this difference is?
The problem could be as simple as the database field isn't big enough to hold the data, or perhaps the input contains quotes, apostrophes or some other 'special' character that isn't being correctly escaped?
When adding an iframe embed code to the custom field, nothing makes it to the database because after clicking "preview" the page is stopped by a 406 error. Using youtube's old embed code (object based) works fine. It's not an issue with the database field being big enough because the object code is bigger and it works, and the iframe can be added directly to the database and works.
Godaddy just said that "Most likely the trigger is that you are trying to submit a URL via GET or POST".
This is the custom field code in admin (based on this):
PHP Code:
if (isset($_GET['pID']) && empty($_POST)) {
$product = $db->Execute("select pd.products_name, pd.products_description, pd.products_url,
p.products_id, p.youtube_vids, etc etc etc
PHP Code:
<tr bgcolor="#eeeeee">
<td class="main">YouTube Vids:</td>
<td class="main"><?php echo zen_draw_separator('pixel_trans.gif', '24', '15') . ' ' . zen_draw_input_field('youtube_vids', $pInfo->youtube_vids, zen_set_field_length(TABLE_PRODUCTS, 'youtube_vids')); ?></td>
</tr>