Replaces the Biographical Info profile field with the WordPress visual editor, TinyMCE, allowing you to editor an author’s biography using rich text.
Please note that this plugins modifies the output of get_the_author_meta('description') and the_author_meta('description'), apply the same filters used to format content in the main editor.
Multisite Compatibility
The Visual Editor Biography plugin is compatibly with WordPress Multisite, just use the Network Activate feature to enable a visual editor on every site. If you only want a visual editor for a specific site then activate the plugin for that site only.
螢幕截圖
安裝
Install easily with the WordPress plugin control panel or manually download the plugin and upload the folder visual-editor-biography to the /wp-content/plugins/ directory
Activate the plugin through the ‘Plugins’ menu in WordPress
It’s a good plugin, but being so old it’s got its share of problems already. Here’s an updated version that adds Polylang compatibility (by Rocco Marco Guglielmi), composer.json and a hook to change passed WP_editor args.
Nice, straightforward plugin.
Replacing the public function save_filters() function with the following appears to sanitize the input:
public function save_filters() {
// Contributor level user or higher required
if ( !current_user_can('edit_posts') )
return;
//disable WordPress sanitization to allow more than just $allowedtags from /wp-includes/kses.php
remove_filter('pre_user_description', 'wp_filter_kses');
//add sanitization
add_filter( 'pre_user_description', 'wp_filter_post_kses');
}
Credit for the sanitize snippet to: http://badlywired.com/2015/03/allow-html-in-user-description/ (although it may be seen on 1 or 2 other posts/sites).
This plugin is extremely convenient but you should change a line of code before using it.
File: visual-editor-biography.php
Line 137: remove_all_filters(‘pre_user_description’);
This allows you to use HTML by removing all filters, making it impossible for other plugins to adjust anything AND more important, it allows users to run <script> tags. Use this instead:
remove_filter('pre_user_description', 'wp_filter_kses');
add_filter('pre_user_description', 'wp_filter_post_kses');
This removes only the strict HTML filter and replaces it with a less strict version, allowing links, images and markup including divs.
Check for ‘edit_posts’ capability instead of ‘contributor’ for accurate role checks
Remove ‘the_content’ filters from get_the_author_description() function and instead add filters individually to avoid future conflicts with other plugins: wptexturize(), wpautop() and convert_chars(). Thanks to Matt Wiebe for making this great suggestion.
1.3
Restrict the rich text editing profile switch to contributor level users or higher for security
Add current_user_can() restrictions for added security throughout plugin
1.2
Fix issue with JS loading on user-edit.php; when administrators edit other people’s bio’s
1.1
Updates and bug fixes for older WordPress versions
Add plugin Banner to /assets/ folder for WordPress repository
1.0
Initial public release to the WordPress plugin repository