WP_EDITOR()在自定义元框中的用法

时间:2019-04-05 作者:Raashid Din

我正在构建一个具有经典编辑器输入而不仅仅是输入的自定义元框。使用wp\\u编辑器的原因是,我想在div中添加文本段落,但简单的输入逃逸了html。现在我正在使用这个函数。现在的问题是,当我输出这个编辑器输入的数据时,它会转义html。下面是我用于输出的代码。

echo get\\u post\\u meta($post\\u id,“摩天大楼\\u post”,true);

我使用此代码添加元框。

add_action( \'add_meta_boxes_post\', function ( $post ) {
    if ( $post->_wp_page_template === \'page-templates/skyscraper-post.php\' ) {
        add_meta_box( \'sky_post_excerpt\', \'SkyScraper Post Excerpt and Links\', \'sky_post_excerpts\', \'post\', \'advanced\', \'high\' );
    }
});
function sky_post_excerpts() {
     global $post;
    $values = get_post_custom( $post->ID );
    $data = get_post_meta($post->ID, \'skyscraper_post\', true);


    $strong_title = isset( $values[\'skyscraper_strong\'] ) ? esc_html( $values[\'skyscraper_strong\'][0] ) : "";
    $title = isset( $values[\'skyscraper_post_title\'] ) ? esc_attr( $values[\'skyscraper_post_title\'][0] ) : "";
    $text = isset( $values[\'skyscraper_post\'] ) ?  $values[\'skyscraper_post\'][0]  : "";
    $image = isset( $values[\'skyscraper_post_image\'] ) ? esc_attr( $values[\'skyscraper_post_image\'][0] ) : "";

    // We\'ll use this nonce field later on when saving.
    wp_nonce_field( \'my_post_meta_box_nonce\', \'post_meta_box_nonce\' );
    ?>

    <table class="form-table">
        <tbody>
        <tr valign="top">
            <th scope="row">
                <label><strong>Skyscraper Title</strong></label>
            </th>
            <td>
                <p><input class="widefat" name="skyscraper_strong" id="skyscraper_strong" ><?php echo $strong_title; ?></input>
                </p>
                <p><input class="widefat" rows="4" name="skyscraper_post_title" id="skyscraper_post_title" value="<?php echo $title; ?>"/>
                </p>
            </td>
        </tr>

        <tr valign="top">
            <th scope="row">
                <label for="skyscraper_post"><strong>Skyscraper Page Excerpt</strong></label>
            </th>
            <td>
                <?php wp_editor( $data, \'post_meta_box\', $settings = array(\'textarea_name\'=>\'skyscraper_post\')); ?>
                </p>
            </td>
        </tr>
        <tr valign="top">
            <th scope="row">
                <label for="skyscraper_image"><strong>SVG Image Link</strong></label>
            </th>
            <td>
                <p><input class="widefat" rows="4" name="skyscraper_post_image" id="skyscraper_post_image" value="<?php echo $image; ?>"/>
                </p>
            </td>
        </tr>

        </tbody>
    </table>
    <?php
}
为了保存数据,我使用此代码。

    add_action( \'save_post\', \'post_meta_box_save\' );
    function post_meta_box_save( $post_id ) {
   // Bail if we\'re doing an auto save
    if( defined( \'DOING_AUTOSAVE\' ) && DOING_AUTOSAVE ) return;

    // if our nonce isn\'t there, or we can\'t verify it, bail
    if( !isset( $_POST[\'post_meta_box_nonce\'] ) || !wp_verify_nonce( $_POST[\'post_meta_box_nonce\'], \'my_post_meta_box_nonce\' ) ) return;

    // if our current user can\'t edit this post, bail
    if( !current_user_can( \'edit_post\' ) ) return;
    //$allowed = wp_kses_allowed_html();
    $allowed= array(
        \'p\' => array(
            \'class\' => array(),
            \'id\' => array(),
        ),
        \'strong\' => array(),
    );


    // Make sure your data is set before trying to save it
    if( isset( $_POST[\'skyscraper_post\'] ) )
        update_post_meta( $post_id, \'skyscraper_post\', wp_kses( $_POST[\'skyscraper_post\'], $allowed ) );

    // Make sure your data is set before trying to save it
    if( isset( $_POST[\'skyscraper_post_image\'] ) )
        update_post_meta( $post_id, \'skyscraper_post_image\', wp_kses( $_POST[\'skyscraper_post_image\'], $allowed ) );

    // Make sure your data is set before trying to save it
    if( isset( $_POST[\'skyscraper_strong\'] ) )
        update_post_meta( $post_id, \'skyscraper_strong\', wp_kses( $_POST[\'skyscraper_strong\'], $allowed ) );

    // Make sure your data is set before trying to save it
    if( isset( $_POST[\'skyscraper_post_title\'] ) )
        update_post_meta( $post_id, \'skyscraper_post_title\', wp_kses( 

    $_POST[\'skyscraper_post_title\'], $allowed ) );
    }
我不知道为什么要转义html。任何帮助都将不胜感激,谢谢。

这是转义的输出。enter image description here

1 个回复
最合适的回答,由SO网友:Sally CJ 整理而成

这可能解决不了问题,但我希望它能帮助你。

中的sky_post_excerpts() 函数,我用它来显示TinyMCE/classic编辑器:$dataget_post_meta($post->ID, \'skyscraper_post\', true))

<?php wp_editor( $data, \'post_meta_box\', array(\'textarea_name\'=>\'skyscraper_post\')); ?>
中的post_meta_box_save() 函数,我这样保存了meta,在哪里$allowedwp_kses_allowed_html():

update_post_meta( $post_id, \'skyscraper_post\', wp_kses( $_POST[\'skyscraper_post\'], $allowed ) );
在前端,我显示如下元数据:

// This is really just an example. And I was on a single post.
echo get_post_meta( get_the_ID(), \'skyscraper_post\', true );
一切都很顺利&mdash;所有HTML都保持由TinyMCE编辑器生成的状态。

更新如果在TinyMCE中使用visual not text,则不会显示p标记

wp_kses_allowed_html() 调用时未指定$context parameter, 将使用全局变量$allowedtags 这是一个KSE允许的HTML元素数组,默认情况下not 包括p 标记/元素。

如果您想允许p 元素,您可以:

使用wp_kses_allowed_html( \'post\' ) 将使用全局变量$allowedposttags 它还包含与$allowedtags 变量,但$allowedposttags 允许有许多元素,包括tablevideo.

或手动启用p 要素:

$allowed = wp_kses_allowed_html();
$allowed[\'p\'] = array(); // allows all attributes!


$allowed = array();
$allowed[\'p\'] = array(); // allows all attributes!
但是,您不应该允许所有属性。。因此:

$allowed[\'p\'] = array(
  \'class\' => true,
  \'id\'    => true,
  ...other attributes...
);

标签: theme-development   custom-field   metabox   小码农  

相关推荐

带有复选框的Metabox不起作用!

请帮帮我。我想在元框中显示用户的显示名称作为复选框。然后,我可以通过以下方式选择许多用户在帖子中显示一些内容:if (in_array(\'special userID\', get_post_meta($post->ID, \'U_S_C_users\', true)) == true) { // Show the content here echo \"ok\"; } 根据我的代码,我看到以下错误:warning: in_array() expects