Flarum Advanced Pages

TryHackX

Advanced Pages for Flarum

Create advanced custom pages with HTML, BBCode, Markdown, PHP, or plain text content types for your Flarum 2.x forum. A powerful alternative to fof/pages with multi-format support, live preview, formatting toolbars, and granular access control.

Features

5 content types - HTML (HTMLPurifier sanitized), BBCode, Markdown, PHP (sandboxed), Plain Text
Formatting toolbars - Context-aware buttons for BBCode and Markdown editors
Live preview - Raw/Preview toggle with syntax highlighting (highlight.js One Dark)
Code editor - CodeMirror-powered editor for HTML and PHP with syntax highlighting
BBCode extensions - [table], [spoiler], [center], extended [url] parser (configurable)
Newline modes - Flarum vanilla or preserve-all for BBCode pages
Spoiler system - [spoiler] / [spoiler=Title] with permission-based visibility
Admin panel - Full CRUD with pagination, per-page selector, and inline settings
SEO support - Meta descriptions and proper <title> tags
Access control - Publish, hide (admin-only), restrict (login required), per-group visibility
Custom permissions - Manage pages, view spoiler content
Clean URLs - Pages accessible at /p/{slug}

Screenshots

Admin panel with page management, BBCode editor with toolbar, and live preview.

Support Development

If you find this extension useful, consider supporting its development:

Monero (XMR): 45hvee4Jv7qeAm6SrBzXb9YVjb8DkHtFtFh7qkDMxS9zYX3NRi1dV27MtSdVC5X8T1YVoiG8XFiJkh4p9UncqWGxHi4tiwk
Bitcoin (BTC): bc1qncavcek4kknpvykedxas8kxash9kdng990qed2
Ethereum (ETH): 0xa3d38d5Cf202598dd782C611e9F43f342C967cF5

You can also find the donation option in the extension's admin settings panel.

Requirements

Flarum ^2.0
PHP ^8.1
PHP memory_limit 256M minimum (512M+ recommended)

Installation

composer require tryhackx/flarum-advanced-pages:"*"
php flarum migrate
php flarum cache:clear

Updating

composer update tryhackx/flarum-advanced-pages
php flarum migrate
php flarum cache:clear

Usage

Creating Pages

Go to Admin Panel > Advanced Pages
Click Create Page
Choose a content type and write your content
Configure visibility (published, hidden, restricted, group access)
Save — page is available at /p/{your-slug}

Content Types

Type	Description	Security
HTML	Full HTML with styles, scripts, forms	Raw output, permission-gated
BBCode	BBCode with custom tags & toolbar	Escaped and parsed via s9e/TextFormatter
Markdown	Full Markdown with live preview	Escaped and parsed via s9e/TextFormatter
PHP	Server-side PHP execution	Admin-only, sandboxed, errors logged never shown
Plain Text	Auto-escaped text with URL linking	Fully escaped output

BBCode Settings

Toggle custom BBCode tags in the admin settings:

Setting	Tags	Default
Tables	`[table]` `[tr]` `[th]` `[td]`	Enabled
Spoiler	`[spoiler]` `[spoiler=Title]`	Enabled
Center	`[center]`	Enabled
Extended URL	`[url]` (accepts URLs rejected by Flarum)	Disabled

Changes to BBCode settings require clearing the formatter cache:

php flarum cache:clear

Newline Mode (BBCode)

Each BBCode page has a configurable newline mode:

Flarum (default) - Multiple newlines collapse to a single break (vanilla Flarum behavior)
Preserve - All newlines are respected as <br> tags

PHP Pages

PHP pages execute in a sandboxed environment with access to:

$page - The current Page model
$actor - The current user (or null for guests)
$settings - Flarum SettingsRepository

<h1>Welcome, <?= htmlspecialchars($actor ? $actor->display_name : 'Guest') ?></h1>
<p>Current time: <?= date('Y-m-d H:i:s') ?></p>

Errors are logged to Flarum's log but never displayed to visitors.

Page Visibility

Option	Description
Published	Page is accessible to permitted users
Draft	Page exists but is not accessible
Hidden	Only visible to administrators
Restricted	Requires login to view
Group access	Restrict to specific user groups

Permissions

Permission	Location	Description
Manage Advanced Pages	Moderate tab	Create, edit, delete pages
View spoiler content	View tab	See spoiler content on pages

Memory Requirements

Flarum compiles all extension LESS styles together. If you get a PHP Fatal error: Allowed memory size exhausted:

Set memory_limit to at least 256M in php.ini (recommended: 512M)
WAMP users: Apache with mod_fcgid uses php.ini in the Apache bin directory, not the PHP directory
Restart Apache after changes

Security

HTML pages rendered raw (full HTML/CSS/JS support) — page creation is permission-gated
PHP execution sandboxed in isolated closure with custom error handling
PHP errors never exposed to end users
Only admins can create PHP pages
Raw content field hidden from non-admin API responses
URL scheme blocking (javascript:, data:, vbscript🙂 in extended URL parser
Spoiler content stripped server-side for users without permission

License

MIT License. See LICENSE for details.

TryHackX

RAM usage is increased only for compilation, then it drops drastically.

Subarist

I would say this is a very practical extension.

The old pages had many limitations in terms of display, but with this extension, HTML support looks solid and should no longer be an issue. For users who want to build a more complete website beyond just forum functionality, this is extremely convenient.

Now we can easily have a consistent header and footer across pages. And once you turn off the hero display, it becomes a blank canvas—what you create from there is only limited by your imagination.

KBExit

I will have to try it out. The gif screenshots make it hard to make out what it looks like so I've been avoiding it just for that reason alone.