Page 1 of 1

Proper usage of {{files}}

Posted: 06 Dec 2017, 06:56
by Haider of Sweden
Hi!

If I want to use {{files}} in the following case, how should I do?
Code
url('../font/titillium-lightupright-webfont.ttf') format('truetype'),
I tried this, but it seems not working
Code
url('{{files}}/font/titillium-lightupright-webfont.ttf') format('truetype'),

Re: Proper usage of {{files}}

Posted: 06 Dec 2017, 09:55
by mjau-mjau
Looking at the above, I'm really not sure what you are trying to do. The {{files}} variable is meant to be a shortcut variable for LINKS and IMAGES in your page CONTENT to point to files uploaded into /custom/files/*. For example, linking to an image:
Code
<a href="{{files}}/images/filename.jpg" data-popup>click me</a>
Or embedding the image directly in the page:
Code
<img src="{{files}}/images/filename.jpg" />
In your code, I see CSS. Is this CSS added directly to the page? Why not add it globally in Settings > Custom > Custom CSS? Even if you DON'T use the {{files}} variable, you would simply write the root-relative path anyway, which would be /content/custom/files/font/titillium-lightupright-webfont.ttf.

If you got a link for me, I can check what's going on and perhaps what you are trying to do.

Re: Proper usage of {{files}}

Posted: 06 Dec 2017, 13:07
by Haider of Sweden
Hi!

False alarm. The path is OK I think, but the problem appears to be that I can't upload extensions like ttf to the font-folder.

Re: Proper usage of {{files}}

Posted: 06 Dec 2017, 15:57
by Haider of Sweden
Update: Problem solved.
I found this thread, explaining how to add the additional extensions. Although, I don't like to fiddle inside PHP files if not really necessary. Think is, if the site is updated, this manual tweak will most likely be overwritten.

Re: Proper usage of {{files}}

Posted: 06 Dec 2017, 23:14
by mjau-mjau
Haider of Sweden wrote:Update: Problem solved.
I found this thread, explaining how to add the additional extensions. Although, I don't like to fiddle inside PHP files if not really necessary. Think is, if the site is updated, this manual tweak will most likely be overwritten.
I'll officially add font files as an allowed upload file type in next release.

Allowed extensions is part of panel security as one can never be paranoid enough these days. Ultimately, it would be cool if one could select "allowed file types" for upload directly from the panel. However, that would defeat the purpose as it means if a hacker gets panel access, they can allow upload of PHP files and hack your website to pieces. Perhaps I should allow upload of all files, except PHP? I need to study some best practices.

Re: Proper usage of {{files}}

Posted: 07 Dec 2017, 06:37
by Haider of Sweden
Thank you, Karl,

the extensions I added are .EOT, .TTF, .WOFF.
I let you decide what is best. Now that I understand the reason, I feel I don't have the knowledge to fully understand all the potential risks.

Giving the user an additional interface where he/she can add more extensions with a warning text leaves the responsibility to the user.  You have done your part, limiting the extensions to those you consider safe.

Re: Proper usage of {{files}}

Posted: 13 Jan 2018, 12:43
by mjau-mjau
Since X3.24.3, you can upload font file formats.
https://forum.photo.gallery/viewtopic.php?f=51&t=9475

Re: Proper usage of {{files}}

Posted: 14 Jan 2018, 03:35
by Haider of Sweden
Thank you very much!