FOR ARCHIVAL PURPOSES ONLY

The information in this wiki hasn't been maintained for a good while. Some of the projects described have since been deprecated.

In particular, the "Ushahidi Platform v3.x" section contains information that is often misleading. Many details about this version of Platform have changed since.

This website is an extraction of the original Ushahidi wiki into a static form. Because of that, functions like logging in, commenting or searching will not work.

For more documentation, please refer to https://docs.ushahidi.com

Versions Compared

Old Version 12

changes.mady.by.user Robbie Mackay

Saved on

compared with

New Version Current

changes.mady.by.user Robbie Mackay

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Add HTMLPurifier library for proper HTML sanitization
  • Add function to html helper
    • html::escape($input) - Escape HTML entities.
    • html::strip_tags($input, $escape = TRUE) - strip all tags. Optionally escapes HTML entities too.
    • html::clean($input) - Limit HTML tags to only whitelisted elements.
  • These should be used instead of htmlentities, string_tags or other built in HTML cleaning functions
  • If you're upgrading make sure to copy the new config options (see below) from config.template.php

  • If you make heavy use of HTML in your report descriptions you may need to modify the whitelist options in config.php

  • Anchor
    xss-config-settings
    If you are upgrading from you should copy the following config into you config.php file:

Code Block
languagephp
/**
 * Allowed HTML tags in report description and other large text fields
 * 
 * Formated is based on http://htmlpurifier.org/live/configdoc/plain.html#HTML.Allowed
 */
$config['allowed_html'] = "a[href|title],p,img[src|alt],br,b,u,strong,em,i,h2,h3,h4,h5,h6";

/**
 * Allowed iframe URLs in report description and other large text fields
 * 
 * Formated is based on http://htmlpurifier.org/live/configdoc/plain.html#URI.SafeIframeRegexp
 */
$config['safe_iframe_regexp'] = '%^http://(www.youtube.com/embed/|player.vimeo.com/video/|w.soundcloud.com/player)%';

Theming changes

  • The following functions are now deprecated (but should continue to work)

    • plugin::add_javascript() - use Requirements::js()

    • plugin::add_stylesheet() - use Requirements::css()

    • plugin::remove_javascript() - use Requirements::block()

  • Add theme inheritance and css/js overriding
    • This still default to including the default theme

    • Allows themes to specify CSS/JS files to include through readme.txt

      Code Block
      Theme Name: Default
Description:
Version: 1.0
Author: Ushahidi
Author Email: team@ushahidi.com
Demo: http://www.ushahidi.com
CSS: base,accordion,slider,style
JS:
    • Allow themes to override CSS/JS from parent theme by include a file of the same name
  • Split out themes/default/css/style.css
  • Handle all CSS / JS includes through 1 library: Requirements
    • This enables us to combine and compress these files
    • We're adding CSSMin and JSMin to compress files
    • A bunch of new options in application/config/requirements.php
  • Add support for RTL css files through Requirements library.
    • All CSS files can be replaced by a file of the same name with the -rtl suffix.
  • Now using CDN (when configured) for theme files too #904
  • Further documentation here: https://wiki.ushahidi.com/display/WIKI/Managing+CSS+and+JS+in+Ushahidi

...