I am trying to embed a flash video into a custom setup of the tinyMCE editor. It is seperate from the main WordPress one, but it is still within the wordpress admin area.
The output code from a simple youtube embed block is as follows:
<p><img mce_src=\"../wp-content/themes/porcelain/tinymce/jscripts/tiny_mce/plugins/media/img/trans.gif\" src=\"../wp-content/themes/porcelain/tinymce/jscripts/tiny_mce/plugins/media/img/trans.gif\" width=\"560\" height=\"340\" style=\"\" class=\"mceItemFlash\" title=\""allowFullScreen":"true","allowscriptaccess":"always","src":"http://www.youtube.com/v/26Ywp6vUQMY&hl=en&fs=1&","allowfullscreen":"true"\"></p>
As you can see, it’s escaping the quotes when I don’t want it to…
Any help is massively appreciated, and I know this is a school boy error. I just need setting straight.
Thanks.
This often happens when you have code that escapes data before using it in SQL (as it should do) on a server that has php’s
magic_quotesfeature enabled. This feature causes php to automatically escape get and post data when it loads. If you then escape it again, things go wrong – it gets double escaped, so escaped data goes into the db.PHP has now deprecated this feature, they realised it was a nuiscance, caused more pain than it saved – they were trying to build in security, but ultimately the developer needs to be aware of and work around security issues, rather than having them taken care of silently. Myself, I ended up regularly including code in stuff to detect if this was enabled and reverse it early in the execution if it was.