id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
5056	Protected Tags	Shaun		"Reading from this page, http://docs.cksource.com/ckeditor_api/symbols/CKEDITOR.config.html#.protectedSource

If I understand correctly, you must have

{{{config.protectedSource.push( /<\?[\s\S]*?\?>/g ); // Allows PHP Code}}}

in your config to be able to use PHP code within the editor. 


However, if I load the editor, switch to Source mode, type some simple PHP:

{{{<?php echo 'Whatever I want.'; ?>}}}

and submit, CKEditor does not entitize or remove the PHP code and it goes through unscathed.

This means I have to manually check for PHP code upon submission.

Correct me if I'm wrong, but I believe that is a bug."	Bug	closed	Normal		Core : Output Data	3.1	invalid