Oh bummer.
Yeah, that would be hard to replicate across all of the websites.
I will open a ticket to see if they can revert this or give us a way to get around this more easily on a next update.
Ok, problem solved!
Here is the code I had to add to make it work:
function custom_wpkses_post_tags( $tags, $context ) {
if ( 'acf' === $context ) {
$tags['input'] = array(
'type' => true,
'disabled' => true,
'checked' => true,
'style' => true,
'name' => true,
'value' => true,
);
}
return $tags;
}
add_filter( 'wp_kses_allowed_html', 'custom_wpkses_post_tags', 10, 2 );
I think it is related to this update from Aug 25th:
* Enhancement – Improved security by running all user-generated content through wp_kses() by default
It started working after I replaced the line 75 of class-acf-field-message.php from:
echo acf_esc_html( $m );
to
echo $m;
Is there a way to avoid this function from running on the message field?
Thanks!
Hi John!
Thanks for the response!
I’m still facing the same issue even after replacing it with the prepare_field filter.
It’s just the <input> that’s being removed from the code. The other tags are working fine.
I have tried debugging the value of $field[‘message’] after “do_shortcode” with multiple different priorities and it always has the <input>, so it must be being filtered out after these actions are called.
Another relevant information is that if I enable the “Escape HTML” option, the code is printed correctly, including the <input>.
