March 6, 2020 at 11:28 UTC - Views: 23 #63864
What seems to be happening is this: As soon as I save changes in the legacy interface, all the stored HTML and CSS gets escaped – a backslash before each single and double quote. Obviously this completely breaks every website.
Mayhap I’m showing my age, but I still prefer the legacy interface. Now I had to use the customizer interface to manually remove all the inserted backslashes )-:
With stored HTML I mean things like alternative hamburger icon, primary menu right html, global css… like everything. Can this be due to a changed function in the latest WP version?
In any case, it would be great if this could be looked at asap – I don’t trust myself to edit any of my many websites using Weaver Xtreme…
Thanks, TimMarch 6, 2020 at 17:02 UTC - Views: 19 #63865
It seems that the problem – which for sure happens – may have a different cause. Am continuing to debug, will post again soon.March 6, 2020 at 17:21 UTC - Views: 18 #63866
To clarify the situation: I’m using WP MultiSite with two sites (en, de). And maybe it has to do with user permissions? Something is tickling the back of my mind… Working as Super-Admin things seem to be working, maybe it was caused by my colleague working in the “editor” role (I’ve now promoted her user account to Administrator).March 6, 2020 at 17:56 UTC - Views: 16 #63868scramblerModerator
We had heard about that a long time ago, and I do think it had to do with permissions.
@weaver may recall moreMarch 6, 2020 at 20:25 UTC - Views: 13 #63871
Yeah, as soon as I tried working as a site admin, a lot of escaping happened again. I’ve been working the last half hour as MultiSite Super-Admin, and see no problems.March 6, 2020 at 23:55 UTC - Views: 10 #63876WeaverKeymaster
That is the issue – WordPress does not allow Multi-Site Admins to use raw HTML – all text and HTML is filtered through a more strict and limited content check, and escaping quotations, removing some HTML parts (not all style rules are allowed, and more). All of these limitations are designed to protect the site from hacking. And in general, on true Multi-Site sites, regular site admins are not to be trusted.
So, there is no way around this limitation.March 7, 2020 at 11:05 UTC - Views: 7 #63881
Many thanks Bruce for the clear info on this “feature”. I have deleted the site admin account and we will only use the super-admin in future.
- You must be logged in to reply to this topic.