Wordpress makes me cry

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Wordpress makes me cry

Post by Ambush Commander »

So I thought to myself: "Hmm, why not make an HTMLPurifier plugin for WordPress? That would be cool." So, I decided to stumble into an application that I had never used before and try to code a simple extension for it.

And, in the process, went through 1000+ lines of hack piled on after hack, which, of course, HTMLPurifier makes unnecessary, but tell that to a hardcoded wpautop() call. Things like str_replace('<', '&lt;', $output); make me sad (just htmlspecialchar() the whole damn thing!) and I still haven't been able to track down the cause of phantom empty tags occuring in the WYSIWYG editor. T_T

Maybe it's just not worth the trouble.
matthijs
DevNet Master
Posts: 3360
Joined: Thu Oct 06, 2005 3:57 pm

Post by matthijs »

Yes as far as I know wordpress already filters the content. Characters are replaced by their entities etc. So can imagine that it isn't easy to try to hack into that. I've never used the whysywig editor in wp. You can turn it of in the options in the admin panel.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

The codebase for WP is pretty fat. I have noticed methods that essentially do the same thing, then regular function calls to those methods, then functions that call functions. There are rewriting functions and all sorts of manipulation functions. It is a large base and can be utterly brain-puke generating if you are not really into code.
matthijs
DevNet Master
Posts: 3360
Joined: Thu Oct 06, 2005 3:57 pm

Post by matthijs »

Maybe that's why it was easy for the wp team to increase the amount of features in the last update while at the same time reducing the amount of code.. sounds like they can continue that direction for a while?
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

We can only hope.
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

Sounds like there are going to have to move in that direction or a good while else nobody will be able to maintain it.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

I mean, what I'd really like to see is the OOP-ization of the entire code base. Failing that, a more logical naming structure so I don't have to guess which file a function I'm looking for is in.

And thing about it is that WordPress, in terms of interface and UI design, is a pretty awesome application.
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

You could write one for drupal instead.

While we are on the subject of HTMLPurifier as a plugin for things. I could definately make use of it in my project.
I have a load of testing and filtering methods (field input) and isValidHtml() and PurifyHtml() would be excellent additions. We could both increase our exposures by co-opting a bit. Not sure how you would feel about being bundled with my library otherwise I could just provide a simple tutorial get OsisForms and HTMLPurifier to work together. I'm going to need to talk to Marcus about bundling simpletest as well.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

I don't intend on purposefully excluding anyone unless it proves too difficult. Drupal sounds like a logical next step.
I have a load of testing and filtering methods (field input) and isValidHtml() and PurifyHtml() would be excellent additions. We could both increase our exposures by co-opting a bit. Not sure how you would feel about being bundled with my library otherwise I could just provide a simple tutorial get OsisForms and HTMLPurifier to work together.
It's LGPL. Even if you didn't have my permission you would be allowed to bundle it. The only thing I request is that you keep the bundled package up-to-date and use only the external facade (HTMLPurifier->purify) while the internal API is being documented and stabilized for the stable release.
Post Reply