Make WordPress Core

Opened 6 years ago

Closed 3 months ago

Last modified 3 months ago

#12760 closed defect (bug) (duplicate)

Escaping shortcode conditionally

Reported by: pavelevap Owned by: markjaquith
Milestone: Priority: low
Severity: normal Version: 3.0
Component: Shortcodes Keywords: roadmap
Focuses: Cc:

Description (last modified by markjaquith)

Using additional brackets is the official way to "escape" a shortcode. e.g. [[escaped]]

Using additional brackets [[shortcode]] in a post works only when the plugin (function) for this shortcode is active. When deactivated, additional brackets are shown in the post. It is annoying for many users, because editors sometimes test a plugin, write about it in a post with shortcode example and after some months this plugin is deactivated. Now there will be additional brackets, breaking their example code.



Expected output, regardless of whether that plugin is active:


Actual output, if plugin is not active:


[edited by Mark Jaquith]

Attachments (2)

shortcodes.diff (834 bytes) - added by kunalb 6 years ago.
shortcodes.2.diff (2.5 KB) - added by azram19 5 years ago.

Download all attachments as: .zip

Change History (18)

#1 @markjaquith
6 years ago

  • Description modified (diff)
  • Owner set to markjaquith
  • Status changed from new to assigned
  • Version changed from 2.9.2 to 3.0

6 years ago

#2 @kunalb
6 years ago

  • Cc kunalb added
  • Keywords has-patch added

I've attached a patch that takes care of any shortcodes of the form [[foobar]] left over after running all registered shortcode functions: I avoided changing the get_shortcode_regex function to allow for general tags because of the way the embed shortcode is handled (calling do_shortcode twice, once with only the embed as the shortcode to handle, and once after that).

Getting [shortcode]Text[/shortcode] to display required an escape of the form [[shortcode]Text[/shortcode]] ; so non-shortcodes of this form are reduced accordingly.

#3 @nacin
6 years ago

  • Milestone changed from 3.0 to 3.1

#4 @hakre
5 years ago

It makes sense to have something to escape shortcodes.

#5 @nacin
5 years ago

  • Milestone changed from Awaiting Triage to Future Release
  • Priority changed from normal to low

#6 @markjaquith
5 years ago

  • Cc markjaquith added
  • Keywords dev-feedback added

Good idea. Let's get some eyes on the patch.

5 years ago

#7 @azram19
5 years ago

  • Cc azram19 added

I've attached a patch that adds escape_shortcode() and uses it to escape shortcodes of the form [[foobar]] and [[foo]bar[/foo]].

It also escapes [[embed]foobar[/embed]], which hasn't been escaped by the previous patch.

#8 @iseulde
2 years ago

  • Component changed from General to Shortcodes

#9 @jdgrimes
2 years ago

+1 - This can be very annoying. My temporary solution was to add the shortcode with, e.g., __return_false as the callback and use the built-in escaping.

#12 @miqrogroove
15 months ago

  • Keywords has-patch removed

In shortcodes.diff I don't see how arbitrary corruption of HTML would be avoided. Just because someone uses square braces in their CDATA, URI, or other element, doesn't mean it's an unregistered shortcode.

In shortcodes.2.diff I don't see how shortcodes would even work anymore.

I agree the escaping system is somewhat nonsensical, but we need a more foolproof solution.

#13 @aaroncampbell
6 months ago

  • Keywords close added

Honestly, I think that at this point we have to consider unregistered shortcodes to not be shortcodes at all. If you really need to use double brackets to escape unregistered shortcodes, just register them with add_shortcode( 'shortcode', '__return_empty_string' )

I'm not saying this is "best case scenario", but I do think it's where we are right now for backwards compat, keeping the regexes as sane as possible, etc.

#14 @miqrogroove
3 months ago

  • Keywords roadmap added; dev-feedback close removed

I am working on a roadmap proposal to fix this with better shortcode syntax.

#15 @miqrogroove
3 months ago

  • Milestone Future Release deleted
  • Resolution set to duplicate
  • Status changed from assigned to closed

Duplicate of #18558.

Just noticed we have two tickets for this.

#16 @pavelevap
3 months ago

Yes, probably same ticket. I only emphasized displaying active and inactive shortcodes in posts (for example for tutorials)...

Note: See TracTickets for help on using tickets.