views:

27

answers:

1

I've got a wordpress admin panel for one of my themes and one of the boxes has an input for some code to drive google adsense. when I put the code into the box and call it with my php tags the code comes out like this:

        <script type="\&quot;text/javascript\&quot;"><!--
google_ad_client = \"pub-9295546347478163\";
/* Leaderboard 5/17/2010 */
google_ad_slot = \"7593465074\";
google_ad_width = 728;
google_ad_height = 90;
//-->
</script>
<script type="\&quot;text/javascript\&quot;" src="%5C%22http://pagead2.googlesyndication.com/pagead/show_ads.js%5C%22"&gt;
</script>   

Which I assume is a feature to stop SQL injections. How can I call pure code form a box? This is how I currently have that textbox setup.

            array(  "name" => "Code for Top ad",
                    "desc" => "Enter the HTML that will drive the banner ad for the page header",
                    "id" => $shortname."_headerAd",
                    "type" => "textarea"),      

and then echo it out with this:

    <?php echo get_option('lifestyle_headerAd'); ?>
A: 

Are you stripslashing when you save the data from POST? WordPress automatically adds magic quotes to GET and POST, which you'll need to sanitize before saving.

TheDeadMedic