Make WordPress Core

Ticket #12584: 12584.diff

File 12584.diff, 5.0 KB (added by solarissmoke, 13 years ago)

Decode HTML entities before putting them in plain text notification emails

  • wp-includes/pluggable.php

     
    10281028        // The blogname option is escaped with esc_html on the way into the database in sanitize_option
    10291029        // we want to reverse this for the plain text arena of emails.
    10301030        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
     1031        $comment_content = wp_specialchars_decode( $comment->comment_content );
    10311032
    10321033        if ( empty( $comment_type ) ) $comment_type = 'comment';
    10331034
     
    10381039                $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
    10391040                $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
    10401041                $notify_message .= sprintf( __('Whois  : http://whois.arin.net/rest/ip/%s'), $comment->comment_author_IP ) . "\r\n";
    1041                 $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
     1042                $notify_message .= __('Comment: ') . "\r\n" . $comment_content . "\r\n\r\n";
    10421043                $notify_message .= __('You can see all comments on this post here: ') . "\r\n";
    10431044                /* translators: 1: blog name, 2: post title */
    10441045                $subject = sprintf( __('[%1$s] Comment: "%2$s"'), $blogname, $post->post_title );
     
    10471048                /* translators: 1: website name, 2: author IP, 3: author domain */
    10481049                $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
    10491050                $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
    1050                 $notify_message .= __('Excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
     1051                $notify_message .= __('Excerpt: ') . "\r\n" . $comment_content . "\r\n\r\n";
    10511052                $notify_message .= __('You can see all trackbacks on this post here: ') . "\r\n";
    10521053                /* translators: 1: blog name, 2: post title */
    10531054                $subject = sprintf( __('[%1$s] Trackback: "%2$s"'), $blogname, $post->post_title );
     
    10561057                /* translators: 1: comment author, 2: author IP, 3: author domain */
    10571058                $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
    10581059                $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
    1059                 $notify_message .= __('Excerpt: ') . "\r\n" . sprintf('[...] %s [...]', $comment->comment_content ) . "\r\n\r\n";
     1060                $notify_message .= __('Excerpt: ') . "\r\n" . sprintf('[...] %s [...]', $comment_content ) . "\r\n\r\n";
    10601061                $notify_message .= __('You can see all pingbacks on this post here: ') . "\r\n";
    10611062                /* translators: 1: blog name, 2: post title */
    10621063                $subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title );
     
    11271128        // The blogname option is escaped with esc_html on the way into the database in sanitize_option
    11281129        // we want to reverse this for the plain text arena of emails.
    11291130        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
     1131        $comment_content = wp_specialchars_decode( $comment->comment_content );
    11301132
    11311133        switch ($comment->comment_type)
    11321134        {
     
    11351137                        $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
    11361138                        $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
    11371139                        $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
    1138                         $notify_message .= __('Trackback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
     1140                        $notify_message .= __('Trackback excerpt: ') . "\r\n" . $comment_content . "\r\n\r\n";
    11391141                        break;
    11401142                case 'pingback':
    11411143                        $notify_message  = sprintf( __('A new pingback on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
    11421144                        $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
    11431145                        $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
    11441146                        $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
    1145                         $notify_message .= __('Pingback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
     1147                        $notify_message .= __('Pingback excerpt: ') . "\r\n" . $comment_content . "\r\n\r\n";
    11461148                        break;
    11471149                default: //Comments
    11481150                        $notify_message  = sprintf( __('A new comment on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
     
    11511153                        $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
    11521154                        $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
    11531155                        $notify_message .= sprintf( __('Whois  : http://whois.arin.net/rest/ip/%s'), $comment->comment_author_IP ) . "\r\n";
    1154                         $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
     1156                        $notify_message .= __('Comment: ') . "\r\n" . $comment_content . "\r\n\r\n";
    11551157                        break;
    11561158        }
    11571159