fckeditor: input formats

I'll try to provide some guidance, based on my own experience with FCKEditor - so others more experienced may be able to provide you with more comprehensive advice.

You seem to have a few different questions:

1) I'm confused: What I should set drupal's input format to when using fckeditor?
In order to minimise any conflicts between other filters and FCKEditor, I've found that the best way to set it up is to turn all filters off, and allow users to post full html. I have FCKEditor enabled by default, and I do not give users the option to turn it off - none of the users in *any* of the site's I've ever built with Drupal has the slightest interest in typing straight HTML into pages, stories or comments.

2) Am I correct in saying that drupal/fckeditor will ignore the input format whilst fck is enabled?
But if a user switches off fck to post, then the input filter will be enabled?
Drupal *does* apply all filters, even if you have FCKEditor turned on. Some of the filters may work, some of the will get overriden by what FCKEditor does, and will appear to you to have no effect - but any enabled filter *is* being applied. Sometimes, depending on the filter, their order, and what they do, they may affect the output of FCKEditor negatively. If there is a filter you *must* absolutely have, then you may have to play around with filter orders, and see how they interact with FCKEditor.

3) So, if I allow users to switch off fck, I should create an input filter to match what they can do in fck?
If you are going to allow your users to switch off the wysiwyg editor, then switch it back on again, and you *are* using filters, then you will need to setup an HTML filter that will allow for all HTML elements that you are making available to to your users via FCKEditor. So, whatever you've allowed FCKEditor to insert, that is also what your users will be able to insert directly by typing raw HTML.

4) If fck is always enabled, then I don't need to create a filter to match it?
You either have to switch the HTML filters off altogether - thereby allowing FCKEditor to insert whatever html it sees fit - or you have to customise the filter to allow for every tag that FCKEditor will need to insert for the user. I think there is a list of tags you can copy+paste from the readme/installation of the module, but I found that it is just easier to turn the filter off! :-)

I hope this helps.

Thanks, it helps a lot to hear information with clarity, conviction and experience.
Much of what I had already read about the issue conflicted.

Just wanted to add that if you turn off all filters or allow users to post Full HTML, you'll lose protection against XSS attacks. So use it only if you trust all users.

@icouto: your explanation was very clear, if you would like to write more articles like this for new users, it would be great. We can publish them at http://drupal.fckeditor.net/.

@wwalc: thank you. Feel free to grab any explanations of mine, and post them in the documentation, if you think it will help. I would love to be able to help more, but I know my limits too well...

Please, do keep up the good work - it's certainly appreciated.

the thing i dont get about fck/input filters and drupal is that (according to this page.... http://drupal.fckeditor.net/filters?page=1),
you can let your 'content creators/editor' roles have access to Full Html, but as above stated, lose your xss protection.
or let FCK use tags, which allow you to still use Filtered Html/(xss protection) and hence font, size, color works (but not background color which im trying to figure out how to get working with this method).

I dont get why 2nd method works.... since the modification stated in that link changes to in drupal, yet color attr doesnt get stripped, yet span's style attr does? Thought Filtered Html will strip all attributes through filter_xss()? not sure why this even works hehe?

Hi, I use various input filters for wiki/etc type filters.

Is there a way to use FCKeditor with these filters - ie by not simply using FULL HTML as the input method?

Cheers.

I believe that, in general, you can add any filter and the output from the FCKeditor will be filtered appropriately.

For instance, if you set the FCKeditor to use the DrupalFull toolbar, but you use the Filtered HTML input filter, the editor will have buttons that create output that is later stripped by Drupal.

Adding additional filters should work correctly in the same way it would any plain text field, with the exception that it is possible to create a filter that breaks the output from other filters.

So yes, it will hopefully work for you.