
How can I install HtmlPurifier in my custom module?

I made my own form:

<?xml version="1.0"?>

<form xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Ui:etc/ui_configuration.xsd">
    <argument name="data" xsi:type="array">
        <item name="js_config" xsi:type="array">
            <!-- NOTE(review): this provider names customer_form.customer_form_data_source, while the
                 <deps> entry below names add_blogpost.blogpost_data_source and the only <dataSource>
                 declared here is blogpost_data_source. Looks like a copy-paste leftover; confirm the
                 form's own name and data source. -->
            <item name="provider" xsi:type="string">customer_form.customer_form_data_source</item>
        </item>
        <item name="label" xsi:type="string" translate="true">Blogpost Actions</item>
        <item name="reverseMetadataMerge" xsi:type="boolean">true</item>
    </argument>
    <settings>
        <buttons>
            <!-- NOTE(review): the class attributes below appear to have lost their namespace
                 separators when the listing was pasted; verify them against the module's real
                 fully-qualified class names. -->
            <button name="save" class="MageGuideFirstModuleBlockAdminhtmlEditSaveButton"/>
            <button name="back" class="MageGuideFirstModuleBlockAdminhtmlEditBackButton"/>
        </buttons>
        <layout>
            <navContainerName>content</navContainerName>
            <type>tabs</type>
        </layout>
        <deps>
            <dep>add_blogpost.blogpost_data_source</dep>
        </deps>
    </settings>
    <fieldset name="blogpost">
        <settings>
            <label translate="true">Blog Post</label>
        </settings>
        <!-- Hidden primary key; submitted with the form under blogpost[blog_post_id]. -->
        <field name="blog_post_id" formElement="input">
            <argument name="data" xsi:type="array">
                <item name="config" xsi:type="array">
                    <item name="source" xsi:type="string">blogpost_data_source</item>
                </item>
            </argument>
            <settings>
                <dataType>text</dataType>
                <visible>false</visible>
            </settings>
        </field>
        <field name="title" formElement="input">
            <argument name="data" xsi:type="array">
                <item name="config" xsi:type="array">
                    <item name="source" xsi:type="string">blogpost_data_source</item>
                </item>
            </argument>
            <settings>
                <label>Title</label>
                <dataType>text</dataType>
                <visible>true</visible>
            </settings>
        </field>

        <!-- Rich-text body. A wysiwyg element posts the editor's raw HTML under blogpost[content];
             the client-side editor is not a trust boundary, so the server side must sanitise this
             value before it is stored and escape it again wherever it is rendered. -->
        <field name="content" sortOrder="10" formElement="wysiwyg" template="ui/form/field">
            <argument name="data" xsi:type="array">
                <item name="config" xsi:type="array">
                    <!-- NOTE(review): the other fields use blogpost_data_source; "page" looks
                         copied from the CMS page form — confirm. -->
                    <item name="source" xsi:type="string">page</item>
                    <item name="wysiwygConfigData" xsi:type="array">
                        <item name="is_pagebuilder_enabled" xsi:type="boolean">false</item>
                        <item name="toggle_button" xsi:type="boolean">true</item>
                        <item name="height" xsi:type="string">200px</item>
                        <item name="add_variables" xsi:type="boolean">true</item>
                        <item name="add_widgets" xsi:type="boolean">true</item>
                        <item name="add_images" xsi:type="boolean">true</item>
                        <item name="add_directives" xsi:type="boolean">true</item>
                    </item>
                </item>
            </argument>
            <settings>
                <label translate="true">Contents</label>
                <dataScope>content</dataScope>
            </settings>
            <formElements>
                <wysiwyg>
                    <settings>
                        <rows>5</rows>
                        <wysiwyg>true</wysiwyg>
                    </settings>
                </wysiwyg>
            </formElements>
        </field>

    </fieldset>

    <dataSource name="blogpost_data_source">
        <argument name="data" xsi:type="array">
            <item name="js_config" xsi:type="array">
                <item name="component" xsi:type="string">Magento_Ui/js/form/provider</item>
            </item>
        </argument>
        <settings>
            <!-- Posts to the Save controller of the current route/controller. -->
            <submitUrl path="*/*/save"/>
        </settings>
        <dataProvider
            class="MageGuideFirstModuleModelBlogPostDataProvider"
            name="blogpost_data_source">
            <settings>
                <requestFieldName>id</requestFieldName>
                <primaryFieldName>blog_post_id</primaryFieldName>
            </settings>
        </dataProvider>
    </dataSource>
</form>

And my own Controller that handles the */*/save path:

<?php

namespace MageGuideFirstModuleControllerAdminhtmlBlogpostForm;

use MageGuideFirstModuleModelBlogPost;

use MagentoBackendAppAction;
use MagentoFrameworkControllerResultFactory;

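class Save extends Action
{
    /**
     * Model the posted title/content are written into.
     *
     * NOTE(review): injecting the model itself rather than a factory means a single shared
     * instance is reused for every request handled by this object — confirm that is intended.
     * The type tokens in this listing also appear to have lost their namespace separators
     * when pasted.
     */
    protected BlogPost $blogPostModel;

    /**
     * @param MagentoBackendAppActionContext $context backend action context (request, auth, redirect, result factory)
     * @param BlogPost $blogPostModel model that receives the posted values
     */
    public function __construct(
        MagentoBackendAppActionContext $context,
        BlogPost $blogPostModel
    ) {
        $this->blogPostModel = $blogPostModel;
        parent::__construct($context);
    }

    /**
     * Persist the posted blog post and redirect.
     *
     * The UI form posts its fields under the `blogpost` fieldset key, so that sub-array is
     * unwrapped when present. An empty POST body redirects straight back to the referer.
     *
     * @return \Magento\Framework\Controller\Result\Redirect
     */
    public function execute()
    {
        $data = $this->getRequest()->getPostValue();
        // The var_dump() that used to sit here echoed the raw POST body — including the
        // unsanitised WYSIWYG HTML — into the admin response. Debug output must not ship.

        $resultRedirect = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT);
        $resultRedirect->setUrl($this->_redirect->getRefererUrl());

        if (empty($data)) {
            return $resultRedirect;
        }

        if (isset($data['blogpost'])) {
            $data = $data['blogpost'];
        }

        // NOTE(review): the form's hidden primary field blog_post_id is posted but never read
        // here, so every submit appears to create a new record rather than update one — confirm.
        // Missing keys fall back to '' instead of raising an undefined-index notice.
        $this->blogPostModel->setTitle($data['title'] ?? '');
        $this->blogPostModel->setContent($data['content'] ?? '');

        try {
            $this->blogPostModel->save();
            $this->messageManager->addSuccess(__('The data has been saved.'));
            // setPath() builds the admin URL (including the secret key) from a route path;
            // setUrl() with a bare relative path would be sent to the browser verbatim.
            $resultRedirect->setPath('adminblogposts/index/index');
        } catch (\Exception $e) {
            // Inside this namespace a bare `Exception` resolves to a non-existent namespaced
            // class, so nothing was ever caught here; the root \Exception is what is meant.
            $this->messageManager->addException($e, __('Something went wrong while saving the data.'));
        }

        // Returning from a finally block would also mask any exception not caught above.
        return $resultRedirect;
    }

    /**
     * ACL check for this action.
     *
     * Returning true unconditionally let any authenticated admin user save posts. Delegating to
     * the authorization service checks ADMIN_RESOURCE, which the module should override with its
     * own resource id (declared in its etc/acl.xml); without an override the parent's default
     * resource applies.
     *
     * @return bool
     */
    protected function _isAllowed()
    {
        return $this->_authorization->isAllowed(static::ADMIN_RESOURCE);
    }
}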

But in my Model I want to use HtmlPurifier (a well-known approach to XSS cleanup of rich-text editor content) in the setContent method:

namespace MageGuideFirstModuleModel;

use MageGuideFirstModuleModelResourceModelBlogPostResource;
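class BlogPost extends MagentoFrameworkModelAbstractModel
{
    /**
     * Bind this model to its resource model.
     */
    protected function _construct()
    {
        $this->_init(BlogPostResource::class);
    }

    /**
     * Return the comma-separated `skus` attribute as a clean list.
     *
     * Each entry is trimmed and empty entries are dropped, so a missing attribute and an empty
     * string both yield []. Unlike a bare array_filter(), a SKU that is literally "0" is kept,
     * and the result is re-indexed as a plain list.
     *
     * @return string[]
     */
    public function getSkus():array
    {
        $raw = $this->getData('skus') ?? "";
        $trimmed = array_map(static fn (string $sku): string => trim($sku), explode(',', $raw));
        return array_values(array_filter($trimmed, static fn (string $sku): bool => $sku !== ''));
    }

    /**
     * Store the title with markup removed.
     *
     * strip_tags() only removes tag syntax; it is not output escaping, so templates must still
     * escape the title when rendering it.
     *
     * @param string $title
     * @return $this
     */
    public function setTitle(string $title)
    {
        return $this->setData('title', strip_tags($title));
    }

    /**
     * Store the rich-text body.
     *
     * This was declared as a second setTitle(), which is a fatal method redeclaration; the
     * controller calls setContent(), so that is the name it must carry.
     *
     * Purification is still TODO: the value arrives from the WYSIWYG field as raw HTML, so a
     * purifier (HtmlPurifier, injected through the constructor rather than instantiated here)
     * should run over $content before setData(). Null clears the field.
     *
     * @param string|null $content
     * @return $this
     */
    public function setContent(?string $content)
    {
        // TODO: run the HTML purifier over $content before storing it.
        return $this->setData('content', $content);
    }

}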

But in order to do so I have to install it via:

# Adds ezyang/htmlpurifier to the root composer.json and installs it into the shared ./vendor;
# a module shipped as its own composer package should declare the requirement in its own composer.json too.
composer require ezyang/htmlpurifier

Is it recommended to install it into the common ./vendor directory, where Magento itself also resides?