I am developing a WordPress Multisite Network, and am coding a plugin that copies posts from the main blog to the client blog. I use the wp_insert_post function to update a target post on the client blog with the content of a selected post from the main blog (blog 1).
During development, we discovered that the layout of the target posts on the client blog was breaking when the site admin ran the plugin, but not when the super admin visited the client blog and ran the plugin.
This was a problem and we looked for a solution for two or three weeks. I had three coders and myself looking to see if we could find any fault with the code. We couldn’t find anything.
Luckily, a coder I used previously connected with me, and I was able to ask him if he had any ideas. After looking at it for several hours, he admitted it was one of the strangest problems he had ever seen. He told me to go on to bed, and he would find the problem.
The next morning, there was a message on Skype for me to change most of my html to css to solve the problem. I did, it does.
I went back and read the codex page for the wp_insert_post function very carefully, and did not see anything explicitly explaining why this was happening. But, because it does say that anything created using the wp_insert_post function is run through kses, all I can assume is that the kses security is not applied if the user is the super admin.
Can anyone verify that, or explain it a bit more?
- The topic ‘Multisite Security Question’ is closed to new replies.