embed shortcodes not rendering after update to 0.9.0.4

  • Resolved witters

    (@witters)


    6 months ago

    We have a front-end form where logged in users can create updates with WYSIWYG fields. These users often embed YouTube videos via the [embed] shortcode.

    On v0.8.9.4 this would work fine. Since updating to 0.9.0.4 this content is being stripped out.

    We can work around this by granting the users the unfiltered_html permission – but this is overkill for what we need. It seems like the content is being passed through wp_kses by ACFE, and this isn’t handling embeds correctly.

    Please can you review / advise. Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Konrad Chmielewski

    (@hwk-fr)

    Hello,

    Thanks for the feedback!

    In fact, I managed to reproduce the issue. For the record, the issue doesn’t come from the wp_kses or the unfiltered_html logic on their own.

    The problem come from the WYSIWYG field which interpret the [embed] shortcode, and save it in the post_content. So instead of having an [embed], you end up with <iframe></iframe> . The next time the user save it, the wp_kses kicks in and remove the <iframe></iframe>, as it should.

    This is indeed not the correct logic. I’m adding a fix for the next patch. In the meantime you can fix it by yourself by following these instruction:

    In the file /acf-extended/includes/modules/form/module-form-action-post.php line:306, find this code:

    acfe_apply_tags($action['save']['post_content']);

    And replace it with this code:

    acfe_apply_tags($action['save']['post_content'], $opt);

    This will fix the issue. Note that in your case, the user will still have to remove the old <iframe> , or simply re-save the post again so the wp_kses remove it. Then the next time he enters [embed]...[/embed] it will save it correctly.

    Thanks again for the report, and sorry for the inconvenience.

    Regards.

    Thread Starter witters

    (@witters)

    Many thanks for the comprehensive reply. That all makes sense. Really appreciate your work! ??

    Plugin Author Konrad Chmielewski

    (@hwk-fr)

    Hello!

    Just a heads up to let you know the latest ACF Extended 0.9.0.5 version fixed this issue.

    Thanks again for the report, and sorry for the inconvenience.

    Have a nice day!

    Regards.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.