User not able to post iframes in joomla article - iframe

I am not able to add iframes to an article as a limited user.
As a super user, I am able to do so because I allowed it in the JCE editor settings. There is an option for user profiles there, so I edited the default one and gave permission to every user. Still when I login as a user with limited rights (no admin rights and no superuser rights) it refuses to save the iframe.
What am I doing wrong?
I am use JCE in Joomla 3.5.1.

You missed this steps set Filter Type to No Filtering in Joomla! Global Configuration, Text Filters tab
Configure Joomla! Article filters
By default Joomla! 'cleans' content on saving, removing script tags, event attributes (such as onclick, onmouseover etc.) and style tags.
A simple article parameter change is all that is required to fix this.
Joomla! 2.5 and Joomla! 3
In the Joomla! Global Configuration, click on the Text Filters tab.
For the Super Users group, or any other trusted user group, set Filter Type to No Filtering. Make sure that you only set this option for user groups that can be trusted as setting the Filter Type to No Filtering will essentially allow the user to include any html in an article.
Reference https://www.joomlacontenteditor.net/support/faq/item/iframe-removed-on-saving

Joomla! 2.5 and Joomla! 3
In the Joomla! Global Configuration, click on the Text Filters tab.
For the Super Users group, or any other trusted user group, set
Filter Type to No Filtering. Make sure that you only set this option
for user groups that can be trusted as setting the Filter Type to No
Filtering will essentially allow the user to include any html in an
article.
Please refer this url
https://www.joomlacontenteditor.net/support/faq/item/iframe-removed-on-saving

Also, in case there is still trouble with this after trying the above solution, make sure that the embed code's URL is set to whatever the site's SSL setting is.
For instance, if the site is set to Force SSL in the configuration.php document in the root folder and your site is https as a result, the URL of the embed code needs to also be https. Browsers such as Firefox will block the iframe if the URL is http.
For what it's worth. Cheers!

Related

Only site administrators should be able to set default display view of folders on Plone 4.3

All logged-in members of my plone site have the permission to edit, create and publish content. Unfortunately, they are also able to change the default display view of a folder. This leads to a lot of problems as the site members sometimes - accidentically - change to a view template that a folder is not suitable for.
How can I change plone the way that only role administrator is able to set the default view of all folders? Normal site members should not be able.
Since I trust my members something like a JS+CSS solution that hides the display menu for everybody except site administrators would be acceptable, too.
The permission you are looking for is called Modify view template. All roles with this permission can change the template. If your Workflow manages the permission, give it only to the Administrators.
If your Workflow does not manage the permission you can change it globally by change the security configuration on the plone root.
Goto: http://plonesite/manage_access (Security-tab in ZMI)
Search for Modify view template.
Change the configuration. In your case only allow Administrator to change the view template.

Restricting access when using URL - Drupal

I have created several pages in my drupal website and set permissions to each of the page depending upon the roles I have.
The problem is if I know the URL, I can access that page even though I am not a registered and authorized user.
This will be a problem if some random person/hacker plays around with the URLs and comes across a page that is supposed to be viewed by an authorized user.
I am new to Drupal and any help is appreciated.
If you correctly set the permissions it will restrict access based on roles regardless if they know the URL. Are you sure that when you are testing it you are actually signed into or using a role that doesn't have access to that page?
Drupal lets you set permissions for who can Create, Edit and Delete content types. You need a contributed module for setting who can 'View' permissions of individual pages/nodes.
Download Content Access from https://drupal.org/project/content_acces. After you install it and configure the default values for the content type, you will need to click the content access tab after you create the page.
'Taxonomy Access Control Lite' is very light and more user-friendly; permissions are set within the edit view (normal fields), however, it takes some effort to understand how it works and to set it up.
See a comprehensive list of node access modules at https://drupal.org/node/270000
Tip: Don't use more than one module for node access permissions.

How do I add a new user in a ScrewTurn wiki?

We have an internal development wiki setup that uses ScrewTurn, but I am struggling with the most basic of tasks which is to add new users or edit existing ones. This was setup by a former colleague that is no longer employed at the company and no one has any experience of the administration side of it.
Based on the information available this should be a very simple task, however the "Accounts" tab described and pictured in the previous link simply does not exist in the administration section of our wiki.
The tabs we have are Admin Home, User Groups, Wiki Pages, Categories, Snippets/Templates, Nav. Paths, Content Editing, System Log, Providers and Configuration.
We have 8 registered users, all set as administrators (confirmed in the front end and databased) and these are set granted as having full control.
So what am I missing? Can the "Accounts" section be hidden? Are we using a different version (the listed version is 3.0.5.600 which reports itself to be up to date)?
It looks simple enough to setup users in the database, but I'd like to be able to use the front end.
Select Administrators under User Groups and grant full control to your admins and uncheck unwanted restrictions under "Deny".
If you are cannot access the User Groups tab, try to login as super administrator to verify the permissions of your Administrators group.
To login as super administrator, add this to your web.config under <appSettings>:
<add key="MasterPassword" value="YourSecretPasswordHere" />
Then login with the user admin and the password you set.
And make sure to remove that setting after you sort things out.
The admin menu was probably modified. Try going directly to the page AdminUsers.aspx (so something like "http://yourwikidomain.com/AdminUsers.aspx").
To fix the menu, download the Screwturn install files from the web site (http://www.screwturn.eu/Download.ashx) and copy the "Admin.master" page to your site. You may want to compare them first to see what changes were made.

Menu visiblity control

i am in involving in developing the site builder by using Drupal. since it is site builder,user able to create a site based on needs and manipulate his menu items but other user won't edit this menu items.is it possible do like this.
Any one guide me how to control the menu items.
You did not mention your Drupal version, if you want to do this in code or through the UI...
So I am not really sure how well the answer will fit.
You need to have permissions set upon block creation for all users (IE: anonymous) to have access permissions on that block and it's content.
I believe there are permissions that may also need to be allowed on the permission configuration page in admin/user/permissions on Drupal 6. Look for the permissions that allows users access to other user content, most content usually allows anonymous viewing by default, though if I remember correctly.
Blocks can also be configured individually through the UI and by permissions set by ROLE, so you may want to check in the block configuration page also if you plan to do any changes to that blocks permissions manually.
Too lazy to log in to get screenshots, but it should give you clues on where to look.
On a sidenote, you should post your Drupal questions on drupal.stackexchange.com, you will get more Drupal users there to respond than here.
Hope that helps, good-luck

Drupal wrongly allowing access for anonymous users to a single edit page

My Drupal / ubercart install has a bizarre issue. Anonymous users can access an edit page /node/44/edit for s SINGLE node only - an ubercart product. I have created a new version of the node, which does not have the issue. The tabs (view / edit) are also available on the product page to anonymous users. The issue became clear when the page was edited by a spam bot.
Is there any way I can output the decision making process which Drupal makes to the screen? For example can I output the variables to the screen which Drupal uses to make the decision about whether the user has access to a given URL or not?
Thanks in advance.
There may be a better way, but to start, you could create a custom module that implements hook_menu_alter, then dump the contents of the $items array, to see the access callback associated with /node/44/edit or /node/%/edit.
One thing to try would be to "rebuild node permissions" You do this from the admin/content/node-settings page. It might be as simple as the permissions being jacked up, which is rare but does happen sometimes.

Resources