The Textile plugin has been updated today as it was discovered that Textile was undoing some protection ExpressionEngine makes to submitted data to prevent variable parsing in user-submitted content. In certain circumstances this could result in PHP errors and broken content. If you are using the Textile plugin, this is considered a critical and mandatory update. Simply replace your existing Textile plugin with the version 1.1 (2.0.0 r2779).
Thread
This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.
The active forums are here.
Critical Textile Plugin Update
July 10, 2008 2:14pm
Subscribe [9]-
#1 / Jul 10, 2008 2:14pm
-
#2 / Jul 10, 2008 7:07pm
I upgraded, but now, when I see a preview of the post in the control panel after publishing or updating, I see
at the end of each paragraph. The code that gets outputted on the site is still good; just the preview is affected. I’m using 1.6.3.
-
#3 / Jul 10, 2008 7:14pm
Try a fresh download, Eric, should fix that.
-
#4 / Jul 10, 2008 7:19pm
Awesome, thanks!
-
#5 / Jul 10, 2008 9:47pm
I was a little confused by what looks like a retrograde version number. The version for the Textile plugin I had installed was 2.0 (2.0.0 r2779), and yours is version 1.1 (2.0.0 r2779). The difference is only one line and is clearly your security fix. Did you mean 2.1? Or maybe I got 2.0 from some other place (I can’t remember whether I downloaded from the official plugin list)??
-
#6 / Jul 10, 2008 11:13pm
The version number used to be just 2.0.0 r2779 which was taken entirely from the version of Textile, not the plugin version, as we do not create or maintain that codebase. This is the first time that the plugin’s code, which is just a gateway to Textile, has been significantly changed, so I decided to be more explicit in the versioning. The plugin version is the first listed, and the parenthetic version is the version of Textile, i.e. EE Textile Plugin version 1.1, using Textile’s 2.0.0 r2779 codebase.
-
#7 / Jul 11, 2008 9:33am
Derek, I have a small request. Can we get a “Last Modified” date and time on the plugins, extensions, modules, and expansions? Seeing when it was first posted is great but “Date: Mar 09, 2004” makes it seem like it was the last time the plugin was updated. Just a suggestion. Thanks for the update.
-
#8 / Jul 11, 2008 1:34pm
ignite, you’re making it too difficult for me! (added)
-
#9 / Jul 11, 2008 1:39pm
Wow, that was fast! Looks good! I like the “Published” label too. Thanks.
-
#10 / Jul 11, 2008 2:12pm
For the record I love the “Last Updated” addition. Thanks for this.
-
#11 / Jul 12, 2008 5:12pm
Upgrading stopped other plugins from working. The read file plugin and image rotator tags now show as plain text. Help!
{exp:read_file}
-
#12 / Jul 12, 2008 5:15pm
Share your code, please, Turkish?
-
#13 / Jul 12, 2008 5:51pm
Example…
=={exp:read_file file="/home/path/file.txt" html="yes"}==The equals signs are to stop textile converting the quotes. Basically tell Textile it’s RAW HTML.
-
#14 / Jul 12, 2008 6:21pm
Yes, but where are you putting this? In an entry? A template? Is it inside a Textile plugin tag? What’s the full context, Turkish Baker?
-
#15 / Jul 12, 2008 7:44pm
A weblog entry field with the formatting type set to Textile.
