Hello everyone
I have installed Wordpress on my website. When i want to add a block with individual HTML Code and save it, it never saves. But with the preview everything works.
Does someone know why this is happening?
Thank you
Keaddy
Hello everyone
I have installed Wordpress on my website. When i want to add a block with individual HTML Code and save it, it never saves. But with the preview everything works.
Does someone know why this is happening?
Thank you
Keaddy
Hello, and Welcome to the InfinityFree Forum!
Usually, WordPress does save the HTML code. This is odd. What is the HTML code you are trying to save into WordPress?
(To keep the HTML code formatted, use the </>
button)
<div id="fresspaeckchen-container" style="max-width: 500px; margin: 40px auto; padding: 30px; border-radius: 12px; box-shadow: 0 4px 12px rgba(0,0,0,0.1); font-family: sans-serif;">
<h2 style="text-align: center;">Feldpost senden 🪖🫡</h2>
<p style="text-align: center;">Gib das Passwort ein, um meine Adresse zu sehen:</p>
<input type="password" id="milpass" placeholder="Passwort eingeben..." style="width: 100%; padding: 12px; margin-top: 10px; border-radius: 8px; border: 1px solid #ccc; font-size: 16px;">
<button onclick="checkPassword()" style="margin-top: 15px; width: 100%; padding: 12px; background-color: #2c3e50; color: white; border: none; border-radius: 8px; font-size: 16px; cursor: pointer;">
Bestätigen
</button>
<div id="address-box" style="display: none; margin-top: 25px; background-color: #f6f6f6; padding: 20px; border-radius: 8px; border: 1px solid #ddd;">
<strong>Feldpost-Adresse:</strong><br>
Bla bla<br>
Blabla<br>
1000 Bla<br>
</div>
<p id="error-message" style="color: red; margin-top: 10px; display: none;">Falsches Passwort. Versuch's nochmal.</p>
</div>
<script>
function checkPassword() {
const correctPassword = "defaultpw"; // Passwort hier festlegen
const input = document.getElementById("milpass").value;
const addressBox = document.getElementById("address-box");
const errorMessage = document.getElementById("error-message");
if (input === correctPassword) {
addressBox.style.display = "block";
errorMessage.style.display = "none";
} else {
addressBox.style.display = "none";
errorMessage.style.display = "block";
}
}
</script>
I tested this code in one of my WordPress installations.
The result: Code works in Draft. Code works in Published. Code took 7 seconds to save. TestImage, in English (I can’t read German):
I also tested to see if the action after entering the password works (the password is within your code. Cool, but insecure in certain applications) and it works in both Draft and in Published.
What happens when you try to save the code? If possible, can you provide screenshots?
Before you test again and send screenshots, Clear your Browser Cache for your site. Sometimes, this is the culprit.
just cleared the cache for my browser. Issue is still there and this is the message i keep getting when i try to save:
Uploading: Bildschirmfoto 2025-05-04 um 18.11.58.png…
What’s your website’s URL?
Also, what is on the WordPress Page that fails to save? Is it just the HTML code, or are there more elements? What is the WordPress Page’s name?
nothing is on the page, i created a new one also tried to delete everything and just leave the hmtl code there.
twonet.ch if you could have a look. currently theres just a template on it because i cant save the html
Unanswered:
Also, nice URL!
Very Odd! Another Question: What Template are you using? When I tested your code, I used WordPress’s Twenty-Twenty-Five theme.
Oh sorry, its just named “Feldpost”
I also tried another theme don’t know if it was the 2025 theme. Will try it now with the 2025 theme.
At the moment the 2024 theme is installed
now i don’t get the error message, it just says it has saved it. But if I reload the site it isn’t there. Same if i view it directly on the site not with the editor.
Also, I created a WordPress Twenty-Twenty-Four page, and it works:
Are you using any plugins on your site?
they were some plugins but deactivated (AntiSpam and other). Deleted them all and it’s still not working.
I deleted the wordpress installtion and reinstalled it. Works now.
Do you can help me now how i make this safe?
The usual way to validate passwords safely is to send it to the server and check it there. You can do that with PHP code on our hosting, either as a standalone PHP script or maybe a WordPress plugin.
MOD NOTE: THIS IS UNSAFE AND NOT GOOD PRACTICE. NEVER store passwords in plaintext for any reason whatsoever
I found a way to allow PHP validation, but you will need FTP access. The File Manager is fine, however it’s recommended to use FileZilla.
/twonet.ch/htdocs/wp-content/
feldpost
and go into itcheck-password.php
, and paste the following:<?php
header('Content-Type: application/json');
$input = json_decode(file_get_contents('php://input'), true);
$submittedPassword = $input['password'] ?? '';
$valid = false;
$address = "Bla bla\nBlabla\n1000 Bla";
if (($handle = fopen("passwords.csv", "r")) !== false) {
$first = true;
while (($data = fgetcsv($handle, 1000, ",")) !== false) {
if ($first) { $first = false; continue; }
$csvPassword = trim($data[0]);
if ($submittedPassword === $csvPassword) {
$valid = true;
break;
}
}
fclose($handle);
}
if ($valid) {
echo json_encode(["success" => true, "address" => $address]);
} else {
echo json_encode(["success" => false]);
}
?>
passwords.csv.txt
file, and insert the following:password
(your password here)
passwords.csv
<div id="fresspaeckchen-container" style="max-width: 500px; margin: 40px auto; padding: 30px; border-radius: 12px; box-shadow: 0 4px 12px rgba(0,0,0,0.1); font-family: sans-serif;">
<h2 style="text-align: center;">Feldpost senden 🪖🫡</h2>
<p style="text-align: center;">Gib das Passwort ein, um meine Adresse zu sehen:</p>
<input type="password" id="milpass" placeholder="Passwort eingeben..." style="width: 100%; padding: 12px; margin-top: 10px; border-radius: 8px; border: 1px solid #ccc; font-size: 16px;">
<button onclick="checkPassword()" style="margin-top: 15px; width: 100%; padding: 12px; background-color: #2c3e50; color: white; border: none; border-radius: 8px; font-size: 16px; cursor: pointer;">
Bestätigen
</button>
<div id="address-box" style="display: none; margin-top: 25px; background-color: #f6f6f6; padding: 20px; border-radius: 8px; border: 1px solid #ddd;"></div>
<p id="error-message" style="color: red; margin-top: 10px; display: none;">Falsches Passwort. Versuch's nochmal.</p>
</div>
<script>
async function checkPassword() {
const input = document.getElementById("milpass").value;
const addressBox = document.getElementById("address-box");
const errorMessage = document.getElementById("error-message");
const response = await fetch('/wp-content/feldpost/check-password.php', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ password: input })
});
const result = await response.json();
if (result.success) {
addressBox.innerHTML = `<strong>Feldpost-Adresse:</strong><br>${result.address.replace(/\n/g, '<br>')}`;
addressBox.style.display = "block";
errorMessage.style.display = "none";
} else {
addressBox.style.display = "none";
errorMessage.style.display = "block";
}
}
</script>
If done correctly:
check-password.php
) should print.Quick Note: If you want to replace the address in the check-password.php
code, Every time you want something on a new line
like this, use \n
in between. Like this: I am\nthe one\nwho helped\nyou
Also, if you want to change the password, rename the .csv
file to a .csv.txt
file, open it in a text editor, and change the password. Reverse the name change when you’re done.
Lastly, to avoid a password leak, in the directory the PHP and CSV file is stored (/twonet.ch/htdocs/wp-content/feldpost/
), create a .htaccess
file and add the following: Deny from all
No no no
NEVER store passwords in plaintext. You also just publicly shared the file location that anyone can access to reveal the saved passwords (yes you have .htaccess there, but that does not protect against hacks, exploits, and mis-configuration)
Encrypt passwords, ALWAYS.
You do know that this will also cause the API endpoint to become inaccessible?
I also don’t know what’s the purpose of this step, you can just open a csv file with a text editor directly.
So can someone please provide me an step by step guide how to make it safer? I know how IT works but only System Engineering. I don’t know much about coding.
If you just want to get results quickly and don’t want to do too much coding, maybe you can find an existing WordPress plugin that does what you need? There are various plugins that can do password protection for pages, which are all probably more secure and easier to use than what you have now.