Publishing post strips custom html element when user is not admin

admin管理员组

文章数量:1024592

This phenomenon occurred after updating Wordpress from 4.9.10 to 5.1.1. I'm using the plugins TinyMCE Advanced, Classic Editor and Advanced Custom Fields PRO. The wordpress installation has the roles admin and testrole.

I'm logged in as testrole and insert the custom html element <p><new-page></new-page></p> in a custom field of type WYSIWYG editor in a post and publish the post by clicking publish. <p><new-page></new-page></p> is replaced with <p></p>.

When logged in as admin, the replacement does not happen.

How can I prevent wordpress from replacing <p><new-page></new-page></p> with <p></p> when logged in as testrole?

This phenomenon occurred after updating Wordpress from 4.9.10 to 5.1.1. I'm using the plugins TinyMCE Advanced, Classic Editor and Advanced Custom Fields PRO. The wordpress installation has the roles admin and testrole.

I'm logged in as testrole and insert the custom html element <p><new-page></new-page></p> in a custom field of type WYSIWYG editor in a post and publish the post by clicking publish. <p><new-page></new-page></p> is replaced with <p></p>.

When logged in as admin, the replacement does not happen.

How can I prevent wordpress from replacing <p><new-page></new-page></p> with <p></p> when logged in as testrole?

• user-roles

Share Improve this question asked Apr 11, 2019 at 11:33 Osvald LauritsOsvald Laurits 13377 bronze badges 1

• This is happening because WP checks any pasted markup and removes anything it considers potentially unsafe, unless the user is an administrator. If you're using the Classic Editor, one option would be to create a shortcode that outputs your <new-page> element. If you're using the Block Editor, you could create a custom block. – WebElaine Commented Apr 11, 2019 at 14:27

Add a comment  | 

2 Answers 2

Sorted by: Reset to default 0

To allow your specific <new-page> element in the Classic Editor, you can add a filter so WP recognizes it as an allowed tag:

// Step one - add to the allowed tags
add_action('init', function() {
    // Access the global allowed tags array
    global $allowedtags;
    // Add new-page as an allowed tag
    $allowedtags['new-page'] = array();
    // If you ever use attributes such as <new-page href="url" title="My Title">
    // Then you'll need to include those within the array like so:
    // $allowedtags['new-page'] = array('href' => array(), 'title' => array());
});

// Step two - add to allowed tags in TinyMCE (the editor)
add_filter('tiny_mce_before_init', function($a) {
    $a['extended_valid_elements'] = 'new-page';
    // Again if you ever need attributes, you'll specify those here
    // $a['extended_valid_elements'] = 'new-page[href|title]';
    return $a;
});

Since this code is specifically for TinyMCE you'll have to test to determine whether it works with the Block Editor, or only Classic. If it doesn't work with your editor, you also have the option of creating a shortcode or a block that outputs the tag in question.

Append the following code to wp-config.php

define('CUSTOM_TAGS', true );
$allowedposttags = array();
$allowedtags = array();
$allowedentitynames = array();

Copy the values for $allowedposttags, $allowedtags and $allowedentitynames from web/wp-includes/kses.php and assign them to the variables $allowedposttags, $allowedtags and $allowedentitynames in wp-config.php . Add 'new-page' => array() as an element to the array which is assigned to $allowedposttags.

This phenomenon occurred after updating Wordpress from 4.9.10 to 5.1.1. I'm using the plugins TinyMCE Advanced, Classic Editor and Advanced Custom Fields PRO. The wordpress installation has the roles admin and testrole.

I'm logged in as testrole and insert the custom html element <p><new-page></new-page></p> in a custom field of type WYSIWYG editor in a post and publish the post by clicking publish. <p><new-page></new-page></p> is replaced with <p></p>.

When logged in as admin, the replacement does not happen.

How can I prevent wordpress from replacing <p><new-page></new-page></p> with <p></p> when logged in as testrole?

This phenomenon occurred after updating Wordpress from 4.9.10 to 5.1.1. I'm using the plugins TinyMCE Advanced, Classic Editor and Advanced Custom Fields PRO. The wordpress installation has the roles admin and testrole.

I'm logged in as testrole and insert the custom html element <p><new-page></new-page></p> in a custom field of type WYSIWYG editor in a post and publish the post by clicking publish. <p><new-page></new-page></p> is replaced with <p></p>.

When logged in as admin, the replacement does not happen.

How can I prevent wordpress from replacing <p><new-page></new-page></p> with <p></p> when logged in as testrole?

• user-roles

Share Improve this question asked Apr 11, 2019 at 11:33 Osvald LauritsOsvald Laurits 13377 bronze badges 1

• This is happening because WP checks any pasted markup and removes anything it considers potentially unsafe, unless the user is an administrator. If you're using the Classic Editor, one option would be to create a shortcode that outputs your <new-page> element. If you're using the Block Editor, you could create a custom block. – WebElaine Commented Apr 11, 2019 at 14:27

Add a comment  | 

2 Answers 2

Sorted by: Reset to default 0

To allow your specific <new-page> element in the Classic Editor, you can add a filter so WP recognizes it as an allowed tag:

// Step one - add to the allowed tags
add_action('init', function() {
    // Access the global allowed tags array
    global $allowedtags;
    // Add new-page as an allowed tag
    $allowedtags['new-page'] = array();
    // If you ever use attributes such as <new-page href="url" title="My Title">
    // Then you'll need to include those within the array like so:
    // $allowedtags['new-page'] = array('href' => array(), 'title' => array());
});

// Step two - add to allowed tags in TinyMCE (the editor)
add_filter('tiny_mce_before_init', function($a) {
    $a['extended_valid_elements'] = 'new-page';
    // Again if you ever need attributes, you'll specify those here
    // $a['extended_valid_elements'] = 'new-page[href|title]';
    return $a;
});

Since this code is specifically for TinyMCE you'll have to test to determine whether it works with the Block Editor, or only Classic. If it doesn't work with your editor, you also have the option of creating a shortcode or a block that outputs the tag in question.

Append the following code to wp-config.php

define('CUSTOM_TAGS', true );
$allowedposttags = array();
$allowedtags = array();
$allowedentitynames = array();

Copy the values for $allowedposttags, $allowedtags and $allowedentitynames from web/wp-includes/kses.php and assign them to the variables $allowedposttags, $allowedtags and $allowedentitynames in wp-config.php . Add 'new-page' => array() as an element to the array which is assigned to $allowedposttags.

本文标签： Publishing post strips custom html element when user is not admin