Index: wp-includes/kses.php =================================================================== --- wp-includes/kses.php (revision 17198) +++ wp-includes/kses.php (working copy) @@ -551,9 +551,7 @@ * @return string Content with fixed HTML tags */ function wp_kses_split($string, $allowed_html, $allowed_protocols) { - global $pass_allowed_html, $pass_allowed_protocols; - $pass_allowed_html = $allowed_html; - $pass_allowed_protocols = $allowed_protocols; + $GLOBALS['pass_allowed'] = array( $allowed_html, $allowed_protocols ); return preg_replace_callback( '%((|$))|(<[^>]*(>|$)|>))%', '_wp_kses_split_callback', $string ); } @@ -564,34 +562,9 @@ * @access private */ function _wp_kses_split_callback( $match ) { - global $pass_allowed_html, $pass_allowed_protocols; - return wp_kses_split2( $match[1], $pass_allowed_html, $pass_allowed_protocols ); -} + list( $allowed_html, $allowed_protocols ) = $GLOBALS['pass_allowed']; + $string = wp_kses_stripslashes( $match[1] ); -/** - * Callback for wp_kses_split for fixing malformed HTML tags. - * - * This function does a lot of work. It rejects some very malformed things like - * <:::>. It returns an empty string, if the element isn't allowed (look ma, no - * strip_tags()!). Otherwise it splits the tag into an element and an attribute - * list. - * - * After the tag is split into an element and an attribute list, it is run - * through another filter which will remove illegal attributes and once that is - * completed, will be returned. - * - * @access private - * @since 1.0.0 - * @uses wp_kses_attr() - * - * @param string $string Content to filter - * @param array $allowed_html Allowed HTML elements - * @param array $allowed_protocols Allowed protocols to keep - * @return string Fixed HTML element - */ -function wp_kses_split2($string, $allowed_html, $allowed_protocols) { - $string = wp_kses_stripslashes($string); - if (substr($string, 0, 1) != '<') return '>'; # It matched a ">" character @@ -630,6 +603,34 @@ } /** + * Callback for wp_kses_split for fixing malformed HTML tags. + * + * This function does a lot of work. It rejects some very malformed things like + * <:::>. It returns an empty string, if the element isn't allowed (look ma, no + * strip_tags()!). Otherwise it splits the tag into an element and an attribute + * list. + * + * After the tag is split into an element and an attribute list, it is run + * through another filter which will remove illegal attributes and once that is + * completed, will be returned. + * + * @access private + * @since 1.0.0 + * @uses wp_kses_attr() + * + * @param string $string Content to filter + * @param array $allowed_html Allowed HTML elements + * @param array $allowed_protocols Allowed protocols to keep + * @return string Fixed HTML element + */ +function wp_kses_split2($string, $allowed_html, $allowed_protocols) { + $GLOBALS['pass_allowed'] = array( $allowed_html, $allowed_protocols ); + $match = array( 1 => $string); + _deprecated_function( 'wp_kses_split2', '3.0' ); + return _wp_kses_split_callback( $match ); +} + +/** * Removes all attributes, if none are allowed for this element. * * If some are allowed it calls wp_kses_hair() to split them further, and then