NEW ckeditor accept a parameter to disable all html filtering

htdocs/core/class/doleditor.class.php

@@ -142,19 +142,23 @@ class DolEditor
      *
      *  @param	int		$noprint             1=Return HTML string instead of printing it to output
      *  @param	string	$morejs		         Add more js. For example: ".on( \'saveSnapshot\', function(e) { alert(\'ee\'); });"
+     *  @param  boolean $disallowAnyContent  Disallow to use any content. true=restrict to a predefined list of allowed elements.
      *  @return	void|string
      */
-    function Create($noprint=0,$morejs='')
+    function Create($noprint=0,$morejs='',$disallowAnyContent=true)
     {
     	global $conf,$langs;
 
     	$fullpage=False;
+    	if (isset($conf->global->FCKEDITOR_ALLOW_ANY_CONTENT))
+    	{
     	   $disallowAnyContent=empty($conf->global->FCKEDITOR_ALLOW_ANY_CONTENT);      // Only predefined list of html tags are allowed
+    	}
 
     	$found=0;
 		$out='';
 
-        if ($this->tool == 'fckeditor')
+        if ($this->tool == 'fckeditor') // not used anymore
         {
             $found=1;
             $this->editor->Create();
@@ -179,6 +183,7 @@ class DolEditor
 
             	$htmlencode_force=preg_match('/_encoded$/',$this->toolbarname)?'true':'false';
 
+            	$out.= '<!-- Output ckeditor $disallowAnyContent='.$disallowAnyContent.' toolbarname='.$this->toolbarname.' -->'."\n";
             	$out.= '<script type="text/javascript">
             			$(document).ready(function () {
                             /* if (CKEDITOR.loadFullCore) CKEDITOR.loadFullCore(); */

htdocs/websites/index.php

@@ -904,7 +904,7 @@ if ($action == 'editcontent')
     
     require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
     $doleditor=new DolEditor('PAGE_CONTENT',$contentforedit,'',500,'Full','',true,true,true,5,60);
-    $doleditor->Create();
+    $doleditor->Create(0, '', false);
 }
 
 print '</div></form>';