Im using this script given here https://github.com/awshout/Custom-WordPress-Meta-Boxes/tree/master/metaboxes
its working fine but the problem is that it doesnt save html codes/tags.When I write a test is ok but when I put any html code in normal textareas or c ustom wp_editor it doesnt save the data.
below is a part of the functions to save data do you have any idea how to get it working to save html source? thanks
function save_box( $post_id ) {
$post_type = get_post_type();
// verify nonce
if ( ! isset( $_POST['custom_meta_box_nonce_field'] ) )
return $post_id;
if ( ! ( in_array( $post_type, $this->page ) || wp_verify_nonce( $_POST['custom_meta_box_nonce_field'], 'custom_meta_box_nonce_action' ) ) )
return $post_id;
// check autosave
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE )
return $post_id;
// check permissions
if ( ! current_user_can( 'edit_page', $post_id ) )
return $post_id;
// loop through fields and save the data
foreach ( $this->fields as $field ) {
if( $field['type'] == 'section' ) {
$sanitizer = null;
continue;
}
if( in_array( $field['type'], array( 'tax_select', 'tax_checkboxes' ) ) ) {
// save taxonomies
if ( isset( $_POST[$field['id']] ) ) {
$term = $_POST[$field['id']];
wp_set_object_terms( $post_id, $term, $field['id'] );
}
}
else {
// save the rest
$new = false;
$old = get_post_meta( $post_id, $field['id'], true );
if ( isset( $_POST[$field['id']] ) )
$new = $_POST[$field['id']];
if ( isset( $new ) && '' == $new && $old ) {
delete_post_meta( $post_id, $field['id'], $old );
} elseif ( isset( $new ) && $new != $old ) {
$sanitizer = isset( $field['sanitizer'] ) ? $field['sanitizer'] : 'sanitize_text_field';
if ( is_array( $new ) )
$new = meta_box_array_map_r( 'meta_box_sanitize', $new, $sanitizer );
else
$new = meta_box_sanitize( $new, $sanitizer );
update_post_meta( $post_id, $field['id'], $new );
}
}
} // end foreach
}
The issue here is that the default sanitize functions that are used by the metaboxes script are stripping the html content from your input.
The code below will solve that by stating you want to use a different sanitizer.
function save_box( $post_id ) {
$post_type = get_post_type();
// verify nonce
if ( ! isset( $_POST['custom_meta_box_nonce_field'] ) )
return $post_id;
if ( ! ( in_array( $post_type, $this->page ) || wp_verify_nonce( $_POST['custom_meta_box_nonce_field'], 'custom_meta_box_nonce_action' ) ) )
return $post_id;
// check autosave
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE )
return $post_id;
// check permissions
if ( ! current_user_can( 'edit_page', $post_id ) )
return $post_id;
// loop through fields and save the data
foreach ( $this->fields as $field ) {
if( $field['type'] == 'section' ) {
$sanitizer = null;
continue;
}
if( in_array( $field['type'], array( 'tax_select', 'tax_checkboxes' ) ) ) {
// save taxonomies
if ( isset( $_POST[$field['id']] ) ) {
$term = $_POST[$field['id']];
wp_set_object_terms( $post_id, $term, $field['id'] );
}
}
else {
// save the rest
$new = false;
$old = get_post_meta( $post_id, $field['id'], true );
if ( isset( $_POST[$field['id']] ) )
$new = $_POST[$field['id']];
if ( isset( $new ) && '' == $new && $old ) {
delete_post_meta( $post_id, $field['id'], $old );
} elseif ( isset( $new ) && $new != $old ) {
// the code below is commented out and replaced with a line that specifically sets the sanitizer to one that will keep some html
//$sanitizer = isset( $field['sanitizer'] ) ? $field['sanitizer'] : 'sanitize_text_field';
$sanitizer = 'wp_kses_post'
if ( is_array( $new ) )
$new = meta_box_array_map_r( 'meta_box_sanitize', $new, $sanitizer );
else
$new = meta_box_sanitize( $new, $sanitizer );
update_post_meta( $post_id, $field['id'], $new );
}
}
} // end foreach
}
Note that while this works for your situation it also means all the other metaboxes are going to go through this same sanitizer when there are better alternatives that could be used for other data types.