I discovered what I consider to be a bug in the EZ-Pages HTML editor (it's not a problem when in text-only mode). Basically, I came across the bug after embedding javascript into the text view (ie. text mode) of the HTML editor (ie. the text mode after clicking the Toggle HTML Mode button).
I've traced the problem down to the following section of code in the zen-cart/editors/htmlarea/htmlarea.js file.
Lines 1,951-1,961 of htmlarea.js:
// performs HTML encoding of some given string
HTMLArea.htmlEncode = function(str) {
// we don't need regexp for that, but.. so be it for now.
str = str.replace(/&/ig, "&");
str = str.replace(/</ig, "<");
str = str.replace(/>/ig, ">");
str = str.replace(/\x22/ig, """);
// \x22 means '"' -- we use hex reprezentation so that we don't disturb
// JS compressors (well, at least mine fails.. ;)
return str;
};
That section of code was causing me quite a headache the other day.
I embedded the following javascript code into the top of one of my EZ-Pages:
<script type="text/javascript" language="javascript"><!--
function openWindow(URL, windowName, windowFeatures) {
newWindow=window.open(URL, windowName, windowFeatures);
}
function closeWindow(windowName) {
newwindow.close(windowName);
}
function addWindowFeatures(w, h) {
var height=h;
var width=w;
var toolbar=0;
var status=0;
var menubar=0;
var directories=0;
var location=0;
var resizable=0;
var scrollbars=0;
var left=(screen.width - width)/2;
var top=(screen.availHeight - height)/2;
var features='left=' + left + ',' + 'top=' + top + ',' + 'toolbar=' + toolbar + ',' + 'status=' + status + ',' + 'menubar=' + menubar + ',' + 'directories=' + directories + ',' + 'location=' + location + ',' + 'resizable=' + resizable + ',' + 'scrollbars=' + scrollbars + ',' + 'height=' + height + ',' + 'width=' + width;
return features;
}
//--></script>
Lines 1954, 1955, and 1956 (the string replace of < > and &) was malforming my javascript. Specifically, as soon as I clicked the toggle HTML Mode button, it would transform the lead in and lead out portions of the javascript, ie. '<!--' and '//-->', into '<!--' and '//-->'. That, of course, broke the javascript portion of the page.
So, I guess my question is this:
What effect does commenting out lines 1954, 1955, and 1956 have on the functionality of the HTML editor? I have not noticed any ill effects. I suppose that I won't notice anything unless I try to use the <, >, or & signs as characters on an html page.
Has anyone else tried this hack?
// performs HTML encoding of some given string
HTMLArea.htmlEncode = function(str) {
// we don't need regexp for that, but.. so be it for now.
//str = str.replace(/&/ig, "&");
//str = str.replace(/</ig, "<");
//str = str.replace(/>/ig, ">");
str = str.replace(/\x22/ig, """);
// \x22 means '"' -- we use hex reprezentation so that we don't disturb
// JS compressors (well, at least mine fails.. ;)
return str;
};
Thanks!



