roi-theme/wp-content/mu-plugins/allow-unfiltered-html.php

<?php
/**
 * Plugin Name: Allow Unfiltered HTML
 * Description: Permite a administradores guardar HTML/CSS/JS sin filtros de WordPress
 * Version: 7.0.0
 * Author: PODC4
 */

if (!defined('ABSPATH')) exit;

// ============================================
// CAPACIDAD PARA ADMINISTRADORES
// ============================================
add_action('init', function () {
    if (is_multisite()) return;
    $role = get_role('administrator');
    if ($role && !$role->has_cap('unfiltered_html')) {
        $role->add_cap('unfiltered_html');
    }
}, 1);

// ============================================
// DESACTIVAR KSES AL GUARDAR (SOLO ADMINS)
// ============================================
add_action('init', function () {
    if (defined('DISALLOW_UNFILTERED_HTML') && DISALLOW_UNFILTERED_HTML) return;
    if (!current_user_can('unfiltered_html')) return;

    remove_filter('content_save_pre', 'wp_filter_post_kses');
    remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
    remove_filter('excerpt_save_pre', 'wp_filter_post_kses');
    remove_filter('content_save_pre', 'wp_filter_kses');
    remove_filter('content_filtered_save_pre', 'wp_filter_kses');
    remove_filter('excerpt_save_pre', 'wp_filter_kses');

    add_action('wp_loaded', function () {
        remove_filter('content_save_pre', 'wp_filter_post_kses');
        remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
        remove_filter('excerpt_save_pre', 'wp_filter_post_kses');
        remove_filter('content_save_pre', 'wp_filter_kses');
        remove_filter('content_filtered_save_pre', 'wp_filter_kses');
        remove_filter('excerpt_save_pre', 'wp_filter_kses');
    }, 9999);
}, 20);

// ============================================
// CONFIGURACIÓN TINYMCE (SOLO ADMINS)
// ============================================
add_filter('tiny_mce_before_init', function ($init) {
    if (!current_user_can('unfiltered_html')) return $init;
    
    $init['valid_elements'] = '*[*]';
    $init['extended_valid_elements'] = 'script[src|type|async|defer|referrerpolicy|crossorigin],style[type|media],iframe[src|width|height|frameborder|allowfullscreen|allow]';
    $init['paste_remove_styles'] = false;
    $init['paste_as_text'] = false;
    $init['verify_html'] = false;
    $init['cleanup'] = false;
    $init['forced_root_block'] = false;
    
    return $init;
});

// ============================================
// PERMITIR TAGS EN WP_KSES (SOLO ADMINS)
// ============================================
add_filter('wp_kses_allowed_html', function ($allowed, $context) {
    if (!current_user_can('unfiltered_html')) return $allowed;
    
    if (!\is_array($allowed)) $allowed = [];
    if ($context === 'post' || $context === null) {
        $allowed['script'] = [
            'src'            => true,
            'type'           => true,
            'async'          => true,
            'defer'          => true,
            'referrerpolicy' => true,
            'crossorigin'    => true,
        ];
        $allowed['style'] = [
            'type'  => true,
            'media' => true,
        ];
        $allowed['iframe'] = [
            'src'             => true,
            'width'           => true,
            'height'          => true,
            'frameborder'     => true,
            'allowfullscreen' => true,
            'allow'           => true,
        ];
    }
    return $allowed;
}, 10, 2);

// ============================================
// REFUERZO: wp_insert_post_data
// ============================================
add_filter('wp_insert_post_data', function($data, $postarr) {
    if (!current_user_can('unfiltered_html')) return $data;
    
    if (isset($postarr['content']) && !empty($postarr['content'])) {
        $data['post_content'] = $postarr['content'];
        $data['post_content_filtered'] = '';
    }
    
    return $data;
}, 99, 2);