Ticket #11390: no-&apos.patch
| File no-&apos.patch, 1.5 KB (added by , 15 years ago) |
|---|
-
wp-admin/press-this.php
14 14 wp_die( __( 'Cheatin’ uh?' ) ); 15 15 16 16 /** 17 * Convert characters.18 *19 * @package WordPress20 * @subpackage Press_This21 * @since 2.6.022 *23 * @param string $text24 * @return string25 */26 function aposfix($text) {27 $translation_table[chr(34)] = '"';28 $translation_table[chr(38)] = '&';29 $translation_table[chr(39)] = ''';30 return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($text, $translation_table));31 }32 33 /**34 17 * Press It form handler. 35 18 * 36 19 * @package WordPress … … 93 76 94 77 // Set Variables 95 78 $title = isset( $_GET['t'] ) ? trim( strip_tags( aposfix( stripslashes( $_GET['t'] ) ) ) ) : ''; 96 $selection = isset( $_GET['s'] ) ? trim( htmlspecialchars( html_entity_decode( aposfix( stripslashes( $_GET['s'] ) ) ) ) ) : ''; 79 80 $selection = ''; 81 if ( !empty($_GET['s']) ) { 82 $selection = str_replace(''', "'", stripslashes($_GET['s'])); 83 $selection = trim( htmlspecialchars( html_entity_decode($selection, ENT_QUOTES) ) ); 84 } 85 97 86 if ( ! empty($selection) ) { 98 87 $selection = preg_replace('/(\r?\n|\r)/', '</p><p>', $selection); 99 $selection = '<p>' .str_replace('<p></p>', '', $selection).'</p>';88 $selection = '<p>' . str_replace('<p></p>', '', $selection) . '</p>'; 100 89 } 101 90 102 91 $url = isset($_GET['u']) ? esc_url($_GET['u']) : '';