Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product

Ready to contribute?

Amazing! Sign our contributors' agreement and then join us on GitHub.

Vanilla 2.3 fully supports PHP 7. Get it now!
Please upgrade to 2.3 here. The 2.2 and earlier branches are no longer being updated.

Feedback here! :)

This discussion is related to the EasyReply addon.
andelfandelf New
edited December 2010 in Vanilla 2.1 & Earlier Help
We've used this in production.
works well.
any feedback is welcome.
Forlan
«1

Comments

  • JeffDunneJeffDunne New
    edited December 2010
    Does it simply add the text or an anchor to the post being quoted?
  • @JeffDunne like this. just a simple link indicating reply whom.
  • @JeffDunne the Quote addon may lead to many nested backquote. so I made this.

    I am planning to add a link to anchor of the comment.
  • @andelf let us see, your site in action. thanks

  • Thanks, yes an anchor to the comment being replied to will be useful! :)
  • RaizeRaize vancouver ✭✭
    This was definitely needed. thanks
  • Useful one, but seems it doesn't support the CLEditor?
  • Has anybody tested this on the mobile theme?
  • RaizeRaize vancouver ✭✭
    This doesn't work with the CLEditor
  • If you want to work it with CLEditor, do the following:
    Comment or remove the lines below in ezreply.js:

    /*
    $('body').animate({ scrollTop: ipt.position().top }, 300);
    ipt = ipt[0];
    setCursorPosition(ipt, ipt.textLength);
    ipt.focus();
    */

    Then insert the lines below to the same place:

    var ed = ipt[0].editor;
    if (ed) {
    // Update the frame to match the contents of textarea
    ed.updateFrame();
    }


    An issue still remains though: it works only once without page refresh.
    Click reply -> write something -> post comment. You see your nice comment, but when you click reply again (without page refresh), nothing happens.
    I'd appreciate some help on fixing that...
  • im use russian latters for user nicks, when use "@" this simbol with russian nick - this nick dont have link to user profile (for users with latin letters works ok)
  • @batters you shouold modify the '@mentions' regexp in vanilla source code
  • @andelf tell me more what i want to do, i dont know chinese lang
    how to modify '@mentions'
    and possible do link to profile when use cirillic latters with simbol '@'
  • @batters ok~
    the key function is GetMention in the file functions.generl.php.
    there is a regular expression to match `@something`, so in order to use chinese or russian nick, you should modify it to support your lang.
    '/(?:^|[\s,\.])@([\S]{1,20})(?=[\s,\.!?]|$)/i'
    also library/core/class.format.php 's Menions() function
    first regexp change to '/(^|[\s,\.])@([\S]{1,20})(?=[\s,\.!?]|$)/i',
  • @andelf
    its not help rus nicks with simbol '@' dont have links to the profile

    i change files functions.general.php and class.format.php as you wrote
  • @batters I don't know how the new version look like.
    perhaps you should full text search "mentions"
  • battersbatters New
    edited August 2011
    @andelf my version 2.0.17.9
  • @andelf can you help me please with this mentions?
  • mattmatt ✭✭
    edited July 29

    I've made some changes to this plugin to get it to work more reliably.
    Previously it would stop working if the textarea was edited, as mentioned by @Csabbencs

    It now uses val() rather than html() to check or modify the textarea contents, and the animate() call has also been changed to work more reliably.

    Download: [removed]

  • 422422 Developer MVP

    Please dont link downloads to external sites, via masked short urls. Upload as revised plugin if need be or speak to @underdog

    422 Real Estate Australia , now open Check it out

  • mattmatt ✭✭
    edited July 29

    It's not a masked URL, it's a link to a file hosted on the CloudApp service.
    Here's a direct download version of the link: [removed]

    Not sure if @andelf is still around? Can @underdog help?

  • @matt Great job on this, cleared up some issues I was having with it for sure.

    @andelf should really assimilate your code, or you should spin it off.

  • Hello everyone,
    I have a small problem with this extension.
    In my case this extension does nothing. I mean I thought get <a href="#username">answer</a> but when you click this link, the username should automatically copied in comment box area like @username.
    Is this what this plugins does or just puts username in the link?

    I would appreciate if you could reply asap.#
    Thank you !!!

  • R_JR_J Cheerleader & Troubleshooter Munich MVP

    @vanillawhisky Have you read this comment and tried the version @matt has uploaded?

    @matt said:
    I've made some changes to this plugin to get it to work more reliably.
    Previously it would stop working if the textarea was edited, as mentioned by @Csabbencs

    It now uses val() rather than html() to check or modify the textarea contents, and the animate() call has also been changed to work more reliably.

    Download: http://cl.ly/2t3S02191S3j35231b17

  • RiverRiver MVP
    edited July 27

    @R_J said:
    @vanillawhisky Have you read this comment and tried the version @matt has uploaded?

    @matt said:
    I've made some changes to this plugin to get it to work more reliably.
    Previously it would stop working if the textarea was edited, as mentioned by @Csabbencs

    It now uses val() rather than html() to check or modify the textarea contents, and the animate() call has also been changed to work more reliably.

    Download: http://cl.ly/2t3S02191S3j35231b17

    But the modified plugin and the original EASYREPLY plugin both use

       public function Setup() {
          SaveToConfig('Garden.Html.SafeStyles',FALSE);    // make forum susceptible to clickjacking and other malicious coding
       }
    
       public function OnDisable() {
          RemoveFromConfig('Garden.Html.SafeStyles');
       }
    

    What, this means is if you enable the plugin from the dashboard you will be using be disabling the protection from the HTMLAWED plugin that prevents users from injecting styles into a discussion.

    A malicious user could add some styles and make the discussion unusable. or you could be susceptible to clickjacking.

    Its your choice if you want to use but it is best to rely on either a TRUE statement in config.php OR no statement at all with regards to $Configuration['Garden']['Html']['SafeStyles'] in config.php.

    $Configuration['Garden']['Html']['SafeStyles'] = TRUE; // disallow style/class attributes in html to prevent click jacking

    but BE AWARE -- PUBLIC SERVICE ANNOUNCEMENT. CLICKJACKING AND OTHER STYLE VULNERABILITIES

    $Configuration['Garden']['Html']['SafeStyles'] = false; // will open you up to user mischief or clickjacking

    If you want try a Demo what the potential deleterious impact of EasyReply plugin might be

    • 1 enable the easyreply plugin

    • 2 enter the following in a discussion on your forum

      <p style="color:red;font-size:500px; position: absolute;top: -5;left: 0;line-height: 90px;">Using Style Sheet Rules</p> 
      
    • 3 you will now see a large font that may obscure some of the page in the discussion where you cut and pasted the above code. This is a small token of what can occur by a user entry.

    • 4 you will probably want to remove the entry. you can delete the discussion or edit it. But first before deleting the discussions you can

    • 5 to prevent this from happening. go to your cofig.php and delete the line that says
      $Configuration['Garden']['Html']['SafeStyles'] = false;

    • once $Configuration['Garden']['Html']['SafeStyles'] = false; is removed or is set to true in your config.php you will be in a safer position with regards to users posting to your forum.

    the function of this plugin would be best changed so it does not invoke this function

       public function Setup() {
          SaveToConfig('Garden.Html.SafeStyles',FALSE);    // make forum susceptible to clickjacking and other malicious coding
       }
    

    Every time you enable easyreply in the dashboard it will prevent Safestyles from working as it should to keep you and your forum safe.

    At least you know now, and you can make an informed decision.

    from this discussion:

    https://vanillaforums.org/discussion/comment/242196/#Comment_242196

    @vanillawhisky said

    @River said:
    https://github.com/vanilla/vanilla/blob/7fcb213c7540d4c4fe04c3f6c0676f38df7e29e0/plugins/HtmLawed/class.htmlawed.plugin.php#L138

    as an aside you may not be aware that turning off safestyles may be a bit unsafe

    I didnt understand what you mean. Can you please make it a bit clear.

    vanillawhisky, If you try my demo instructions above it should be crystal clear via visual representation on your forum.

  • @River said:
    Its your choice if you want to use but it is best to rely on either a TRUE statement in config.php OR no statement at all with regards to $Configuration['Garden']['Html']['SafeStyles'] in config.php.

    $Configuration['Garden']['Html']['SafeStyles'] = TRUE; // disallow style/class attributes in html to prevent click jacking

    but BE AWARE -- PUBLIC SERVICE ANNOUNCEMENT. CLICKJACKING AND OTHER STYLE VULNERABILITIES

    $Configuration['Garden']['Html']['SafeStyles'] = false; // will open you up to user mischief or clickjacking

    If you want try a Demo what the potential deleterious impact of EasyReply plugin might be

    Thanks for your tips.
    making $Configuration['Garden']['Html']['SafeStyles'] = false/true; doesnt get what I want.
    However I found something strange in my forum.
    during the page loading , this plugins (or say answer button) works. that means i get @username in textbox but as soon as page stops loading , this button works no more. I find this strange. I guess this is something to do with javascript.
    Is there any plugins which I can use insteed of this EasyReply ? I also tried ReplyTo plugin but this creates failure.

  • R_JR_J Cheerleader & Troubleshooter Munich MVP
  • RiverRiver MVP
    edited July 28

    @linc what about deleting this EASYREPLY plugin because of $Configuration['Garden']['Html']['SafeStyles'] issue.
    and r_j will eventially have a working replacement.

    many people will not know they are adding a potential UNSAFE invite for clickjacking secutiy issue to their forum if they use this plugin.

  • RiverRiver MVP
    edited July 28

    @vanillawhisky said:

    Is there any plugins which I can use insteed of this EasyReply ? I also tried ReplyTo plugin but this creates failure.

    what is your goal? EasyReply and Replyto do two different things.

    one appends the name with an @ to a comment, the other creates a threaded discussion tree and both appear very old plugins.

    why don't you use the quote plugins?

    without knowing what you are trying to achieve hard to make suggestions.

    vanillawhisky said:

    should automatically copied in comment box area like @username.

    Is this what this plugins does or just puts username in the link?

    I think it just puts user name in link.

    why not use the quotes plugin that comes with the core?

«1
Sign In or Register to comment.