WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 16 months ago

#30309 closed defect (bug) (wontfix)

Protect forms in the visual editor

Reported by: jsruby22 Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.0
Component: TinyMCE Keywords: needs-refresh
Focuses: Cc:

Description

I pasted the paypal buy button code in the text of my webpage then when I go to the visual editor it changes the code to make it broken. I'm using the wordpress editor.

Attachments (1)

30309.patch (579 bytes) - added by iseulde 5 years ago.

Download all attachments as: .zip

Change History (9)

#1 @iseulde
6 years ago

  • Keywords reporter-feedback added

Hi @jsruby22,

Thanks for the report. Could you please give us an example of the code you're inserting or steps to reproduce the issue?

#2 @iseulde
6 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

No feedback.

#3 @iseulde
6 years ago

  • Keywords reporter-feedback removed
  • Milestone set to Awaiting Review
  • Resolution invalid deleted
  • Status changed from closed to reopened

Actually I just tried this. Although it's not broken, we can probably make this a bit better, not just for PayPal forms, but for any form. Maybe we can protect it? Or wrap it in a view? Not sure if we want people to type inside forms.

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="x">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG_global.gif" border="0" name="submit" alt="PayPal – The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>

#4 @iseulde
5 years ago

  • Summary changed from Paypal button code jumbled to Protect forms in the visual editor

@iseulde
5 years ago

#5 @iseulde
5 years ago

  • Keywords needs-refresh added
  • Milestone changed from Awaiting Review to Future Release

We should adjust the API so the edit button can be removed though.

#6 @iseulde
5 years ago

Plugins could potentially extend this with a form editor (inline or modal) so you don't have to use the text editor.

#7 @iseulde
5 years ago

  • Component changed from Editor to TinyMCE

#8 @azaozz
16 months ago

  • Milestone Future Release deleted
  • Resolution set to wontfix
  • Status changed from reopened to closed

Another good idea that is now superseded by the block editor. There are several blocks that add form elements in a better way :)

Note: See TracTickets for help on using tickets.