WordPress.org

Make WordPress Core

Ticket #16059: 16059.2.patch

File 16059.2.patch, 3.2 KB (added by hakre, 7 years ago)

Better callback function name, Deprecate the old function.

  • wp-includes/kses.php

     
    551551 * @return string Content with fixed HTML tags
    552552 */
    553553function wp_kses_split($string, $allowed_html, $allowed_protocols) {
    554         global $pass_allowed_html, $pass_allowed_protocols;
    555         $pass_allowed_html = $allowed_html;
    556         $pass_allowed_protocols = $allowed_protocols;
     554        $GLOBALS['pass_allowed'] = array( $allowed_html, $allowed_protocols );
    557555        return preg_replace_callback( '%((<!--.*?(-->|$))|(<[^>]*(>|$)|>))%', '_wp_kses_split_callback', $string );
    558556}
    559557
     
    564562 * @access private
    565563 */
    566564function _wp_kses_split_callback( $match ) {
    567         global $pass_allowed_html, $pass_allowed_protocols;
    568         return wp_kses_split2( $match[1], $pass_allowed_html, $pass_allowed_protocols );
    569 }
     565        list( $allowed_html, $allowed_protocols ) = $GLOBALS['pass_allowed'];
     566        $string = wp_kses_stripslashes( $match[1] );
    570567
    571 /**
    572  * Callback for wp_kses_split for fixing malformed HTML tags.
    573  *
    574  * This function does a lot of work. It rejects some very malformed things like
    575  * <:::>. It returns an empty string, if the element isn't allowed (look ma, no
    576  * strip_tags()!). Otherwise it splits the tag into an element and an attribute
    577  * list.
    578  *
    579  * After the tag is split into an element and an attribute list, it is run
    580  * through another filter which will remove illegal attributes and once that is
    581  * completed, will be returned.
    582  *
    583  * @access private
    584  * @since 1.0.0
    585  * @uses wp_kses_attr()
    586  *
    587  * @param string $string Content to filter
    588  * @param array $allowed_html Allowed HTML elements
    589  * @param array $allowed_protocols Allowed protocols to keep
    590  * @return string Fixed HTML element
    591  */
    592 function wp_kses_split2($string, $allowed_html, $allowed_protocols) {
    593         $string = wp_kses_stripslashes($string);
    594 
    595568        if (substr($string, 0, 1) != '<')
    596569                return '&gt;';
    597570        # It matched a ">" character
     
    630603}
    631604
    632605/**
     606 * Callback for wp_kses_split for fixing malformed HTML tags.
     607 *
     608 * This function does a lot of work. It rejects some very malformed things like
     609 * <:::>. It returns an empty string, if the element isn't allowed (look ma, no
     610 * strip_tags()!). Otherwise it splits the tag into an element and an attribute
     611 * list.
     612 *
     613 * After the tag is split into an element and an attribute list, it is run
     614 * through another filter which will remove illegal attributes and once that is
     615 * completed, will be returned.
     616 *
     617 * @access private
     618 * @since 1.0.0
     619 * @uses wp_kses_attr()
     620 *
     621 * @param string $string Content to filter
     622 * @param array $allowed_html Allowed HTML elements
     623 * @param array $allowed_protocols Allowed protocols to keep
     624 * @return string Fixed HTML element
     625 */
     626function wp_kses_split2($string, $allowed_html, $allowed_protocols) {
     627        $GLOBALS['pass_allowed'] = array( $allowed_html, $allowed_protocols );
     628        $match = array( 1 => $string);
     629        _deprecated_function( 'wp_kses_split2', '3.0' );
     630        return _wp_kses_split_callback( $match );
     631}
     632
     633/**
    633634 * Removes all attributes, if none are allowed for this element.
    634635 *
    635636 * If some are allowed it calls wp_kses_hair() to split them further, and then