Support » Plugin: Enhanced Text Widget » Administrators under 3.5.1 multisite not allowed unfiltered_html

  • Hi,

    I run a 3.5.1 multisite install. Only superadmin was not filtered by kses. So the admins on my sub-blogs couldn’t post php code or java script. So, to change that I would have to alter the user role “adminstrator”, right? Turns out, that adding capability “unfiltered_html” doesn’t work. Either I’d have to use a role scaper plugin or elevate the user. That seemed a bit much for this plugin only.

    So I changed the plugin line 113

    if ( current_user_can(‘unfiltered_html’) )

    to

    if ( current_user_can(‘administrator’) )

    and now my sub-blog admins can post as well. Maybe this helps someone. Greets Markus

    http://wordpress.org/extend/plugins/enhanced-text-widget/

Viewing 1 replies (of 1 total)
  • Plugin Author bostondv

    (@bostondv)

    Interesting discovery, I wasn’t aware multisite handled this differently.

    I’ll think about changing it in the next release though I need to think through whether there’s any security issues allows multisite admins access to add PHP code.

    Thanks!

Viewing 1 replies (of 1 total)
  • The topic ‘Administrators under 3.5.1 multisite not allowed unfiltered_html’ is closed to new replies.