burgwinkel

I’m on Linux, with Google Chrome 12.0, and Firefox 5.0. Same issue in both. Using Ubuntu 10.04.

I did notice the following error in Firefox’s Error Console for all wp-admin pages:

Error: missing ; before statement
Source File: https://burgwinkel.com/blog/wp-admin/tools.php
Line: 41, Column: 218
Source Code:
var postsnippet_3 = "\x3Cspan class=\"tglsz\"\x3E\x3Cscript type=\"text/javascript\"\x3E\nimgRsz({wid},{ht},{pgpc},\"{imgurl}\",\"{cssclass}\",\"\\n onmouseout='return nd();' \\n onmouseover='return overlib(\\"some text, commas okay, no apostrophes, quotes, or double-quotes\\",CAPTION,\\"click to toggle size\\");' \\n onclick='tglsz(this.name);'\\n \"); dw(\" \" + this.name + \" \");\n\x3C/script\x3E\n\x3C/span\x3E";

And this from the Error Console when I push the Post Snippets button in the HTML editor:

Error: edOpenPostSnippets is not defined
Source File: https://burgwinkel.com/blog/wp-admin/post.php?post=1074&action=edit
Line: 1

I have just remembered this has always been an issue for me with Post Snippets. I installed it ages ago, probably shortly after its first release, and it would work with plain text, or even HTML markup, I think. But since it would never work if I had script snippets recorded, I just never used it. It is a very useful plugin, and hopefully I can figure this out.

@johan,
By the way, I should have mentioned in the original post that this occurs in the HTML editor. I have TinyMCE disabled.

Thanks for responding. I can’t preview this post, so I am going to break the script tags with -x- in this post, just in case. Here goes:

`
<span class="tglsz"><scr-x-ipt language="JavaScript" type="text/javascript"><!--
imgRsz({wid},{ht},{pgpc},"{imgurl}","imghalfleft","onclick='tglsz(this.name)\;'");
dw(" " + this.name + " ");
//--></scr-x-ipt>
</span>
`

This is a little late, but I am researching the same issue. So far, it seems 777 (world writable) is not an unusual setting for the wp_content folder. Also, I am told by my web host that having a folder writable by the server (775) is the same as having it writable by the world, since the world can write to these folders via scripts. I’m not sure I trust that advice.

I haven’t bothered much with all this since installing WordPress years ago. but I just changed web hosts and ran into the problem of not-writable directories again. A quick look back at the settings on my former host, and I was surprised to find 777 on a few folders. Never had a security issue there.

A perusal of comments on this forum suggests that setting 777 on some directories is how this issue is often handled. Personally, I prefer 775 (user and group writable only), but in order for that to work, the files and folders must belong to the server group (sometimes named ‘nobody’ or some variation of ‘apache’). They don’t belong to the server group by default, and changing the group has to be done by the admin of the server. That’s tedious for them to do. Hence, the frequency that 777 is used. That it is tedious to do is also why admins tend to say that group-writable by the server is the same as world-writable. It is not the same, but how much difference it makes seems hotly debated.