Quote:
Originally Posted by blackmonsters
Seems reasonable to me; unless I'm missing something.
A post made by a random user should not contain any HTML/CSS/JS/PHP
Security "101" it seems.
 |
Not a page visitor. By a website owner. Like this:
https://wordpress.org/plugins/php-everywhere/
I have submitted this plugin:
https://www.wpadinserter.com/ - read its documentation. It' just an ad inserting plugin (a quote): "The plugin works with all existing WordPress themes and supports all types of ads. Use any types of ads like including banners, popups, AdSense codes etc. Mix HTML, JavaScript and PHP in any manner."
They said they don't accept those anymore, because some WP user may enter a wrong code, which will break his site or let other people to hack it.
I asked how my ad plugin will work, if the site owner won't be able to use Google or Amazon ads that obviously contain HTML/CSS/JS?
The answer I've got:
Quote:
|
IF you can find an acceptable alternative (like 'here are a list of ads we support, put in your custom IDs here...') we're happy to keep working on this.
|
Is that clear enough now?
P.S. How visitors may add something to a 3rd-party site? Only in comments, IMHO. How it could be relate to a plugin?
...
A WordPress user - a person that uses WordPress engine at his site.
A visitor - a random person who visits that site.