How to Disable HTML in WordPress Comments

Like Tweet Pin it Share Share Email

By default, WordPress permits sure HTML tags inside the feedback equivalent to <a> <em> <robust> and many others. If you happen to discover a variety of SPAM feedback additionally comprise these tags. Most SPAM feedback are made by bots and scripts, that are utilizing HTML tags. If you happen to merely disable HTML out of your WordPress feedback, it could actually stop a variety of SPAM. On this tutorial we are going to present you how one can disable HTML tags in your WordPress feedback.

This tutorial will solely disable lively HTML tags. So somebody can nonetheless publish one thing like:

&lt;a&gt;&lt;em&gt;&lt;robust&gt;

And it’ll present up, however the tags is not going to be practical. So if somebody makes use of the robust tag, it gained’t daring the textual content. In addition to not many SPAM bots have time to do that as a result of this fashion takes up a variety of time and it’s not helpful for them.

All you must do is just open your features.php and add the next code:

    // It will happen when the remark is posted
    operate plc_comment_post( $incoming_comment ) 

    // convert all the pieces in a remark to show actually
    $incoming_comment['comment_content'] = htmlspecialchars($incoming_comment['comment_content']);

    // the one exception is single quotes, which can't be #039; as a result of WordPress marks it as spam
    $incoming_comment['comment_content'] = str_replace( "'", '&apos;', $incoming_comment['comment_content'] );

    return( $incoming_comment );
    

    // It will happen earlier than a remark is displayed
    operate plc_comment_display( $comment_to_display ) 

    // Put the one quotes again in
    $comment_to_display = str_replace( '&apos;', "'", $comment_to_display );

    return $comment_to_display;

If you happen to don’t need to manually add this code your self, then the unique writer additionally gives a plugin which you could obtain. Merely set up and activate Peter’s Literal Feedback plugin.

The explanation why this fashion is healthier is as a result of it doesn’t require you to vary the core information. If you wish to edit your core information then you might go to wp-includes/kses.php and edit the codes there. (This isn’t Advisable, however it’s right here for the sake of information. (WP Codex for extra particulars)

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *