WordPress has many helpers that allow authors to write down some text and have it nicely formatted for their readers, without having to care about HTML issues. It’s a great job, but sometimes it doesn’t do the right thing.
This bug affects content and custom fields, which means that it’s more of a conceptual bug than a coding bug. I wrote an article with a workaround for the content. Now, let’s see a simple fix for custom fields.
I’ll describe both problems I detected and give a solution based on changing some WordPress code. I know it’s not a perfect solution, but it works and it’s also relatively easy. In the snippets you’ll see the code as it’s supposed to get changed to. (with 3 lines of context before and after changed lines, each preceded by a //noteslog.com comment)
WordPress Version: 2.3.1
Problem: HTML Entities Conversion
Custom fields that have HTML entities in their key or value are treated by WordPress weirdly. Frustration will appear soon after realizing that WordPress won’t return what you put in before.
If I write {[.show( .para )]} inside the visual editor of a post, WordPress should assume that I want to visualize {[.show( .para )]}. In fact it will pretend to do the right thing the first time I save the post. All subsequent times it will show a ¶ where I put a {[.show( .para )]}.
If I write {[.show( .para )]} inside the code editor of a post, WordPress should assume that I want to visualize ¶, and it does the right thing (sort of, because I now have a ¶ inside the code too).
If I write {[.show( .para )]} inside a custom field’s key or value, WordPress should assume that I want to visualize ¶ for my readers, and {[.show( .para )]} for myself when I’m authoring the custom field. In fact WordPress does the wrong thing here again, because it’ll immediately convert {[.show( .para )]} to ¶.
Solution
This fix requires changing four lines in two files. We’ll use the PHP function htmlspecialchars in place of the WordPress function attribute_escape. After the fix, filters for “attribute_escape” won’t get applied to custom fields keys and values. (this shouldn’t be a problem)
Open: wp-admin/admin-ajax.php
Search: function wp_ajax_meta_row
{[ .wp_ajax_meta_row /chili-php.php ]}
Open: wp-admin/includes/template.php
Search: function list_meta
{[ .list_meta /chili-php.php ]}
Problem: White Space Trimming
Custom fields that begin or end with white space in their key or value are trimmed. I can undestand that a key is more easily dealt with if it is trimmed before saving it into the database. But values should definitely retain all their white space AS IS.
Solution
This fix requires changing four lines in three files. We’ll add a $trim parameter to the wordpress function maybe_serialize, by default set to true. Wherever we do not want a $data value trimmed, we’ll call maybe_serialize with a false second argument.
Open: wp-includes/functions.php
Search: function maybe_serialize
{[ .maybe_serialize /chili-php.php ]}
Open: wp-admin/includes/post.php
Search: function add_meta
{[ .add_meta /chili-php.php ]}
Open: wp-admin/includes/post.php
Search: function update_meta
{[ .update_meta /chili-php.php ]}
I submitted the loss of HTML entity from custom fields issue to WP Trac and it has been resolved in WP 2.5 RC1.
White Space Trimming submitted as ticket 6394