Home Forums Weaver Xtreme Theme Xtreme 4.3.3 legacy interface escapes all added html and css on save

Topic Resolution: Resolved
Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #63864
    timreeves
    Participant

    What seems to be happening is this: As soon as I save changes in the legacy interface, all the stored HTML and CSS gets escaped – a backslash before each single and double quote. Obviously this completely breaks every website.

    Mayhap I’m showing my age, but I still prefer the legacy interface. Now I had to use the customizer interface to manually remove all the inserted backslashes )-:

    With stored HTML I mean things like alternative hamburger icon, primary menu right html, global css… like everything. Can this be due to a changed function in the latest WP version?

    In any case, it would be great if this could be looked at asap – I don’t trust myself to edit any of my many websites using Weaver Xtreme…

    Thanks, Tim

    
    
    #63865
    timreeves
    Participant

    It seems that the problem – which for sure happens – may have a different cause. Am continuing to debug, will post again soon.

    #63866
    timreeves
    Participant

    To clarify the situation: I’m using WP MultiSite with two sites (en, de). And maybe it has to do with user permissions? Something is tickling the back of my mind… Working as Super-Admin things seem to be working, maybe it was caused by my colleague working in the “editor” role (I’ve now promoted her user account to Administrator).

    #63868
    scrambler
    Moderator

    We had heard about that a long time ago, and I do think it had to do with permissions.

    @weaver may recall more

    #63871
    timreeves
    Participant

    Yeah, as soon as I tried working as a site admin, a lot of escaping happened again. I’ve been working the last half hour as MultiSite Super-Admin, and see no problems.

    #63876
    Weaver
    Keymaster

    That is the issue – WordPress does not allow Multi-Site Admins to use raw HTML – all text and HTML is filtered through a more strict and limited content check, and escaping quotations, removing some HTML parts (not all style rules are allowed, and more). All of these limitations are designed to protect the site from hacking. And in general, on true Multi-Site sites, regular site admins are not to be trusted.

    So, there is no way around this limitation.

    #63881
    timreeves
    Participant

    Many thanks Bruce for the clear info on this “feature”. I have deleted the site admin account and we will only use the super-admin in future.

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.