WordPress.org

Support

Support » Plugins and Hacks » Hacks » apply_filter('{$field_no_prefix}_save_pre', $value) function clipping HTML

apply_filter('{$field_no_prefix}_save_pre', $value) function clipping HTML

  • praneetpanamax

    @praneetpanamax

    Hello

    in wp-include/post.php there is a function named sanitize_post_field($field, $value, $post_id, $context) in this apply_filter(‘{$field_no_prefix}_save_pre’, $value) function clips the form type elements such as <input /> and <select></select> when I am logged in from user other then superadmin.
    I am working on multisite.
    Please explain me reason of clipping HTML if any one have been through this issue earlier
    Thanks in advance..

    Praneet

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator bcworkz

    @bcworkz

    Lesser users are restricted in what HTML the can use in posts. They can use basic formatting like <b> and <em> as well as links, but they cannot use more sophisticated HTML such as <iframe> because they are not fully trusted and may try some questionable ploys if allowed any kind of HTML.

    If you trust the users of a particular role enough with unfiltered HTML, you can add the ‘unfiltered_html’ capability to that role. Then they too can create form elements.

    praneetpanamax

    @praneetpanamax

    Hey bcworkz

    I gave unfiltered capability to custom user but that didn’t helped me out..Still my editor clips <input> tags.. does nonce has any role in it??

    Moderator bcworkz

    @bcworkz

    Hmmm, I can’t replicate that behavior. Anyone I give the capability to on my site can place <input> tags in their posts. It may be a multi-site thing? My site is a single site. I’m not nearly as knowledgeable about the small details of multi-site. I didn’t think it would matter in this case. It’s either a multi site thing or you have a plugin that’s responsible for the tags being stripped.

    Nonces would not influence this. A improper nonce prevents anything from happening and a proper nonce allows everything, there is no in between state.

    If a filter callback is stripping the tag, try removing that callback from the filter. Doing this has security implications, so consider carefully how this might affect your site’s security.

    praneetpanamax

    @praneetpanamax

    Yeah every thing works perfectly fine for single site also I tried deactivating and deleting each plugin of my site too..and problem with filter is that it is not calling any callbacks 😀 … also commenting that particular line won’t be proper solution as whenever I’ll update wordpress version in future then it will be replaced again ..any ways Thanks for your support bcworkz … I hope somebody on community will have it’s solution

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘apply_filter('{$field_no_prefix}_save_pre', $value) function clipping HTML’ is closed to new replies.
Skip to toolbar