Adding Videos, JavaScript, and Other Goodies to Posts in WordPress MU

Some of you may recall my earlier post Adding JavaScript to WordPress Posts without a Plugin. In that post, I talked about how to add JavaScript for, say, embedding a video without having WordPress “sanitize” your code… and without any plugins!

WordPress MU, the version of WordPress that allows multiple blogs to be run under one WP installation, uses a different content sanitizer. In fact, it’s so seriously anal that it blows away not only JavaScript, but all kinds of other HTML tags in your posts that the regular WP leaves untouched! Bad juju.

In the case of WP MU, the best solution that I could find does include a plugin – but you can write it yourself in about 10 seconds. In writing the plugin yourself, you will also know how to maintain it yourself. Even if you don’t know much about PHP, this one’s a piece of cake!

So, here’s how to convince WordPress MU to play nice with the HTML in your posts…

Okeydokey. If you know PHP, this is a no-brainer. If you don’t know PHP very well, you’re going to have to be able to do three things:

1. Create a text file with a .PHP extension
2. Paste some text I’m going to give you into the file
3. Upload it to a particular directory on your server

Sounds pretty hard, right?

I should note that the code I’m about to give you is my modified version of the Allow Embedded Videos plugin for WP MU. The author himself collected bits and bobs from other suggestions and just compiled them into a plugin. The plugin also comes with Update Notifications, which is a plugin/theme update-checker for plugins and themes from wpmudev.org. I decided this was kind of annoying and unnecessary for the little plugin I needed, so I’m just using the “Allow…” plugin itself, and I’ve added my own little tweaks.

So, here we go:

Create a new file and call it whatever you want – something like:

WPMU-Jedi-Mind-Trick.php

Edit that file and paste the following code:

<?php
/*
Plugin Name: These Aren't the Tags You're Looking For
Plugin URI: http://someurl.com
Description: Allows videos, JavaScript, and things like PayPal buttons to be embedded into WordPress MU.
Version: 1.0
Author: Your Name
Author URI: http://someurl.com
*/

/*
Based on Allow Embedded Videos plugin, http://wpmudev.org/project/Allow-Embedded-Videos,
which is Copyright 2008  Stuart Maxwell  (email : [email protected])
Used under the terms of GNU GPL as published by the Free Software Foundation.
*/

function az_add_tags(&$content) {
    $content += array(
        'object' => array(
            'width' => array(),
            'height' => array(),
            'data' => array(),
            'type' => array(),
            'classid' => array(),
            ),
        'param' => array(
            'name' => array(),
            'value' => array(),
            ),
        'embed' => array(
            'src' => array(),
            'type' => array(),
            'bgcolor' => array(),
            'allowfullscreen' => array(),
            'flashvars' => array(),
            'wmode' => array(),
            'width' => array(),
            'height' => array(),
            'style' => array(),
            'id' => array(),
            'flashvars' => array(),
            ),
        'script' => array(
            'src' => array(),
            'type' => array(),
            'language' => array(),
        ),
        'input' => array(
            'name' => array(),
            'type' => array(),
            'value' => array(),
            'src' => array(),
            'alt' => array(),
        )
    );
return $content;
}
add_filter('edit_allowedposttags', 'az_add_tags');
?>

Now save the file, and upload to:

[Your WordPress MU Directory]/wp-content/mu-plugins/

That’s it!

Now, WP will automatically pick up the file, and add the “anti-filter”. Note that the first lines of the plugin file are necessary for WordPress to be happy with it as a plugin. You can change the plugin info to whatever you want.

The rest of the code is pretty simple. All it’s doing is saying:

For each of these object, param, embed, script, and input tags, allow them and the following parameters for each…

So, if you’d like to embed a JavaScript movie the way I explained in Adding JavaScript to WordPress Posts without a Plugin, it will now work in WP MU. The reason is that <script> tags with “src=“, “type=“, and “language=” parameters are now allowed. Before, they would have been filtered out by the more strict post sanitizer in WP MU.

You could also now include PayPal buttons on your WordPress MU pages, since <input> tags will no longer be sanitized, either. And you can add as many tags as you want this way. Just add a new section to the $content array, just like I did for ‘script’ and ‘input’ tags.

I should also note that if you’re using WordPress MU to host various blogs for people you don’t know very well, you might not want to go too crazy on the whole “anti-filtering” thing. WP MU was made this way for a reason. For example, allowing any JavaScript could be a big security risk.

In my case, I’m simply using WP MU to host one site in multiple languages, so I don’t have to worry about people trying to do Evil Things when posting content!

Finally, I would like to mention that using WP MU is otherwise extraordinarily easy, and if you ever have to make a multi-lingual site, don’t bother with any of the plugins out there. They are all inherently flawed to one extent or another.

Using WP MU, you can simply export your content, upgrade your normal WP install to WP MU, import your content, and configure subdomains like “es.awesome-blog.com”, “fr.awesome-blog.com”, and so on (see instructions here).

Each blog will have its own admin backend, but you can manage them all yourself. Each language/blog also gets its own set of tables in the database. Cool!

And, since WordPress 3.0 will basically merge WP and WP MU, you’ll be nice and future-proof, too.