ifacethoughts

allowedtags

Ever wonder how WordPress allows only certain HTML elements and attributes in comments? The allowed HTML elements are specified in the global variable allowedtags. It is an associative array set in [wordpress root folder]/wp-includes/kses.php (kses is a HTML/XHTML filter written in PHP). It is used in function wp_filter_kses($data) defined in [wordpress root folder]/wp-includes/kses.php which is eventually executed for the action init. This global variable is used for filtering only comments and titles, not the post content. For the post content, global variable allowedposttags is used.

allowed_tags() function, defined in [wordpress root folder]/wp-includes/template-functions-general.php, can be used to retrieve the different allowed elements.

To modify the HTML elements, modify the [wordpress root folder]/wp-includes/kses.php to modify the elements. Stopping HTML in Comments section in this codex document detailing the steps for modification. The bad thing is about this is that this will be a hack. If WordPress is later upgraded, this code change will be overwritten and will have to be redone.

Optionally, unfiltered_html capability can be added to disable the default filtering of HTML elements specified in [wordpress root folder]/wp-includes/kses.php. Plugins can be written to add custom functions for the filter init to allow your set of HTML elements. unfiltered_html setting should be carefully enabled as it can allow posting of malicious code.

Back to full list of global variables.

Technorati tags: , , ,

Discussion [Participate or Link]

  1. Abhijit Nadgouda @ iface » Blog Archive » Wordpress Global Variables said:

    [...] $allowedtags [...]

  2. earth4energy solar power review said:

    Ϻу cοder іs trуіng to conνince me to move to .
    net from PΗP. I hаve always diѕlіked the іԁea because of the еxpеnsеѕ.
    But he’s tryiong none the less. I’ve bеen using WorԁPrеѕs оn ѵarious websites for abоut a year anԁ аm
    concerned аbοut swіtching to another
    ρlatform. I hаvе heard fantastіс things аbоut blοgengine.
    net. Is therе a way І can transfer all my ωordpгеѕѕ pοѕts intο it?
    Any kind οf help woulԁ be gгеatly aρprеciatеԁ!

Say your thought!

If you want to use HTML you can use these tags: <a>, <em>, <strong>, <abbr>, <code>, <blockquote>. Closing the tags will be appreciated as this site uses valid XHTML.

freshthoughts

contactme

Abhijit Nadgouda
iface Consulting
India
+91 9819820312
My bookmarks

badgesand...

This is the weblog of Abhijit Nadgouda where he writes down his thoughts on software development and related topics. You are invited to subscribe to the feed to stay updated or check out more subscription options. Or you can choose to browse by one of the topics.