Support » Plugins » Hacks » apply_filter('{$field_no_prefix}_save_pre', $value) function clipping HTML

  • Hello

    in wp-include/post.php there is a function named sanitize_post_field($field, $value, $post_id, $context) in this apply_filter(‘{$field_no_prefix}_save_pre’, $value) function clips the form type elements such as <input /> and <select></select> when I am logged in from user other then superadmin.
    I am working on multisite.
    Please explain me reason of clipping HTML if any one have been through this issue earlier
    Thanks in advance..


Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator bcworkz


    Lesser users are restricted in what HTML the can use in posts. They can use basic formatting like <b> and <em> as well as links, but they cannot use more sophisticated HTML such as <iframe> because they are not fully trusted and may try some questionable ploys if allowed any kind of HTML.

    If you trust the users of a particular role enough with unfiltered HTML, you can add the ‘unfiltered_html’ capability to that role. Then they too can create form elements.

    Hey bcworkz

    I gave unfiltered capability to custom user but that didn’t helped me out..Still my editor clips <input> tags.. does nonce has any role in it??

    Moderator bcworkz


    Hmmm, I can’t replicate that behavior. Anyone I give the capability to on my site can place <input> tags in their posts. It may be a multi-site thing? My site is a single site. I’m not nearly as knowledgeable about the small details of multi-site. I didn’t think it would matter in this case. It’s either a multi site thing or you have a plugin that’s responsible for the tags being stripped.

    Nonces would not influence this. A improper nonce prevents anything from happening and a proper nonce allows everything, there is no in between state.

    If a filter callback is stripping the tag, try removing that callback from the filter. Doing this has security implications, so consider carefully how this might affect your site’s security.

    Yeah every thing works perfectly fine for single site also I tried deactivating and deleting each plugin of my site too..and problem with filter is that it is not calling any callbacks 😀 … also commenting that particular line won’t be proper solution as whenever I’ll update wordpress version in future then it will be replaced again ..any ways Thanks for your support bcworkz … I hope somebody on community will have it’s solution

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘apply_filter('{$field_no_prefix}_save_pre', $value) function clipping HTML’ is closed to new replies.