Problem description:
Embedded video code when submitting a new post is automatically stripped out.
Problem analysis:
Wordpressmu2.9.1 has this issue.
But wordpress 2.9.1 and wordpress3.0.1 works fine.
When deactivate all plugins,the issue still exits.so it is not a plugin conflict issue.
Searching on the internet somebody in a post mentioned that for security reasons(strip evil script) wordpress will strip out some html tags automaticlly.
Here
http://www.clickonf5.org/wordpress-mu/youtube-other-video-not-embedding-wordpress-mu/5820
So i added the tags needed for an embedded code one by one in wordpressmu.
Yes,it works!
Why wordpress does not need this code hacking?
Wordpress and wordpressmu both use a third party script called KSES for filtering html tags
( HTML/XHTML filter that only allows some elements and attributes )
the damned function that strips our text is wp_filter_kses().
kses_init_filters() adds it as filter to 5 hooks, kses_init() calls this function, and it is added as action to init and set_current_user. All those functions are in kses.php
Note the current_user_can('unfiltered_html'). That's the trick, kses_init() removes the filter from all hooks and adds it back if user can't use clean HTML.
So, instead of hacking WordPress core or using codes to remove the filter, just set unfiltered_html role to uses that should have it,
and WordPress core will do it's job nicefully without having to be hacked
Solution:
Change the code in kses.php under ‘wp-include’ folder .
From
function kses_init() {
global $allowedposttags , $allowedtags ;
$allowedposttags = apply_filters( 'edit_allowedposttags' , $allowedposttags );
$allowedtags = apply_filters( 'edit_allowedtags' , $allowedtags );
kses_remove_filters();
kses_init_filters();
}
To
function kses_init() {
global $allowedposttags , $allowedtags ;
$allowedposttags = apply_filters( 'edit_allowedposttags' , $allowedposttags );
$allowedtags = apply_filters( 'edit_allowedtags' , $allowedtags );
kses_remove_filters();
if (current_user_can( 'unfiltered_html' ) == false ){
kses_init_filters();
}
}
This will help to judge whether the login use has the authority called
unfiltered_html
Currently administrator and editor has the authority.
Conclusion
The issue only exits in wordpressmu,not in wordpress
Reference
http://wordpress.org/support/topic/cant-embed-videos-after-upgrade-to-multisite
http://www.clickonf5.org/wordpress-mu/youtube-other-video-not-embedding-wordpress-mu/5820
http://mu.wordpress.org/forums/topic/17876
http://wordpress.org.cn/viewthread.php?tid=66440
http://sourceforge.net/projects/kses/files/kses/0.2.2/kses-0.2.2.zip/download
http://codex.wordpress.org/Function_Reference/wp_kses