Clean Mitts Posted February 6, 2012 Share Posted February 6, 2012 Hi, So it seems there are quite a few holes in the tinyMCE script that is allowing some idiot russian hackers to issue redirects through my .htaccess files, and upon doing alot of googling it seems the culprit is tinyMCE. Which I never liked anyway. Is there any way this can be removed completely or even better anyone know of how to upgrade to the latest (if secure) version? Regards, Clean Mitts Link to comment Share on other sites More sharing options...
devein Posted May 9, 2013 Share Posted May 9, 2013 disabling tinyMCE should work for 1.4 and 1.5: edit file: tinymce.inc.js (in 1.4 it is located in \js\ directory) change the line: editor_selector : "rte", to editor_selector : "rteDISABLED", explanation: tinymce is triggered on the class "rte". changing the activator obviously disables it. one can go other way around and remove this class in the template, i think. next step would be installing CodeMirror or other syntax highlighter. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now