The MU forums have moved to WordPress.org

YA Style Question (16 posts)

  1. JMF
    Member
    Posted 16 years ago #

    I'm using the Advanced TinyMCE Editor plugin, primarily to give my users an easy way to insert and edit tables in posts, which should be a great boon to them.

    I'm running into problems with styles, though. The code TinyMCE generates for a table with a border, say, looks like this:

    <table style="border: 3px solid #353026;
    background color: #b7ae99" border="3" etc.>

    Upon saving, WordPress strips it down to this:

    <table style="background-color: #b7ae99" border="3" etc.>

    I've already tinkered with kses.php, and added a

    'style' => array()

    to the 'table' array.

    Just for kicks (without a clue what I was doing), I tried adding stuff into the style array, ie:

    'table' => array (
          'align' => array (),
          ...,
          'style' => array ('border' => array ()),
          ...)

    but that doesn't seem to do help. (Nor did I really expect it to.)

    Anyone have an idea why it's content to leave

    style="background-color"

    in place, but strips out everything else?

    Thanks,
    jeff.

  2. lunabyte
    Member
    Posted 16 years ago #

    ewww... tables.

  3. peiqinglong
    Member
    Posted 16 years ago #

    The new kses.php (as a security precaution) removes style, class, etc. You have to reprogram them back in for it to work like you want.

  4. JMF
    Member
    Posted 16 years ago #

    That's what I'm asking, I suppose... I was trying to program them back in, but it didn't seem to be working, and I'm not really sure what I'm doing.

    Do I add a

    'style' => array()

    to the main list? Or does it have to be added to each element individually, i.e.:

    table => array ('style' => array(), ...etc)?

    I believe (my brain's scrambled by now) I've tried it both ways, with no real luck... could someone explain exactly how to add them back in?

    Lunabyte, you know as well as I do that tables are perfectly acceptable for presenting tabular data, so don't turn your nose up. ;-)

    Seriously, if my folks are going to want to post syllabussesses and class schedules, I'd rather them have a quick and easy(?!) way to create some decent-looking tables, rather than either (a) separating things with a LOT of spaces (shudder), or (b) just using plain <table> tags or, worse yet, just <table border=5> "Ooo, look! It's THREE-DEE!" (yikes)

    I'm no big fan of the visual editor, but if I could get WordPress to not spit out the style formatting, at least they'd be able to make some decent-looking tables if they needed to. :-)

  5. JMF
    Member
    Posted 16 years ago #

    Hmm. Interesting. I've added a

    'style' => array ();

    line to kses.php, and have turned off the visual editor.

    I just tried to post an image:

    <img src="imagesource" alt="blah" style="float: left;
    margin: 0 5px 5px 0;"/>

    When I save it, WP keeps the style parameter, but the contents are truncated:

    style="left; margin: 0 5px 5px 0;"

    That's similar to what it was doing earlier, when I was messing with the visual editor.

    Anybody know what I'm doing wrong? *scratches head*

  6. JMF
    Member
    Posted 16 years ago #

    Ok, I think I've got it -- In case anybody else is in the same boat, here's how to wrangle kses.php so that it allows inline style tags with property:attribute pairs:

    The first step is to add 'style' => array() elements to tags in the $allowedposttags array. You need to do this for each tag individually. For instance:

    'span' => array ( 'style' => array () )

    If there's other stuff in the tag's array() already, just add the 'style' bit to the list.

    Then, in order to keep kses from pruning the properties out, (i.e. changing

    <span style="color: #444;">

    to

    <span style="#444">

    ), find the function that immediately follows the $allowedtags array:

    function wp_kses($string, $allowed_html, $allowed_protocols
    = array ( 'http', etc.

    and add the properties you plan to use to that array() list -- things like 'color', 'border', display', etc.

    That seems to do the trick!

    (As has been mentioned all over the place, I'm not sure of the security implications of writing this stuff back in. I'm working on an install with a limited number of controlled users.)

  7. ladynada
    Member
    Posted 16 years ago #

    YOU ARE CORRECT AND A WINNER!

    nada

  8. apertureboy
    Member
    Posted 16 years ago #

    Hey All,

    Ive followed the steps but cant seem to get it to work. What I need is to be able to add:

    <div class="style"> and <p class="style"> Ive managed to get the div tags to show but thats it. Ive added:

    'p' => array ('class' => array ()),
    'div' => array ('class' => array ()),
    'div' => array (),
    'p' => array (),

    and added:

    function wp_kses($string, $allowed_html, $allowed_protocols = array ('class', etc,

    any thoughts? Anyone get <div class=""> to work?

    Thx

    Rob

  9. apertureboy
    Member
    Posted 16 years ago #

    Hey All,

    Ive followed the steps but cant seem to get it to work. What I need is to be able to add:

    <div class="style"> and <p class="style"> Ive managed to get the div tags to show but thats it. Ive added:

    'p' => array ('class' => array ()),
    'div' => array ('class' => array ()),
    'div' => array (),
    'p' => array (),

    and added:

    'function wp_kses($string, $allowed_html, $allowed_protocols = array ('class', etc,'

    any thoughts? Anyone get <div class=""> to work?

    Thx

    Rob

  10. demonicume
    Member
    Posted 16 years ago #

    yay!

  11. tedr
    Member
    Posted 16 years ago #

    Anyone not getting to work, a simple way to ensure you tags and elements are being accepted is to change the kses file, then resubmit your entry with the original html and see what is still getting stripped out. They go back to your original html and add the remaining items to the kses file.

    Do this one by one and you'll get it.

    Honestly I wish there was more documentation of the WPMU security issues of using style, embed, script, etc. and why this is not a security problem on a regular WP install.

  12. ABosio
    Member
    Posted 16 years ago #

    I still can get it to work. After adding:


    'style' => array ()

    To the img array, it still gets stripped. I can't even get to the part of keeping it from getting truncated.

  13. ABosio
    Member
    Posted 16 years ago #

    Of course, as soon as I posted that it started working even though I had already triple-tested it and reviewed the code, changing nothing.

  14. alaikin
    Member
    Posted 15 years ago #

    Alright, I've followed all the instructions here and edited kses.php

    I'm trying to give just a single section of my post a background image. I'm using the html editor to enclose said section in a div and trying to use <div style="background-image:url(/filepath/image.jpg);"> but to no avail. Switching to visual editor, it looks perfect, but save/preview/publish strips the background image.

    I've successfully used the text-align:right attribute to style the div and it does not get stripped, only the background-image.

    I tried adding background-image to the list of allowed_protocols in kses.php, but still no luck.

    Can anyone help me figure out what I'm doing wrong?

    Thanks

  15. alaikin
    Member
    Posted 15 years ago #

    Anyone have any advice?

    I've tried tweaking all this stuff and still not found a solution that works.

    Thanks in advance for any help and sorry to kind of bump. I tried to be as patient as possible.

  16. johanhorak
    Member
    Posted 15 years ago #

    Hi I have my MU wordpress closed and only I create blogs on it. I need to add < code > [kml_flashembed movie="%link%" width="425" height="350" wmode="transparent" /] < / code > to all my blog posts through an autoblog plugin. The problem is that the < [ and ] > get stripped.

    Can I take the kses.php from a wordpress.org blog and replace the kses on my mu wordpress and will it resolve the issue?

    Johan

About this Topic