Ticket #2661: 2661.diff

wp-includes/kses.php

@@ -1 +1 @@
 <?php
 
 // Added wp_ prefix to avoid conflicts with existing kses users
-# kses 0.2.1 - HTML/XHTML filter that only allows some elements and attributes
-# Copyright (C) 2002, 2003  Ulf Harnhammar
+# kses 0.2.2 - HTML/XHTML filter that only allows some elements and attributes
+# Copyright (C) 2002, 2003, 2005  Ulf Harnhammar
 # *** CONTACT INFORMATION ***
 #
 # E-mail:      metaur at users dot sourceforge dot net
@@ -113 +113 @@
         $elem = $matches[2];
         $attrlist = $matches[3];
 
-        if (!@ is_array($allowed_html[strtolower($elem)]))
+        if (!@isset($allowed_html[strtolower($elem)]))
                 return '';
         # They are using a not allowed HTML element
 
@@ -366 +366 @@
 ###############################################################################
 {
         $string = wp_kses_no_null($string);
+        $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
         $string2 = $string.'a';
 
         while ($string != $string2) {
@@ -378 +379 @@
 
 function wp_kses_no_null($string)
 ###############################################################################
-# This function removes any NULL or chr(173) characters in $string.
+# This function removes any NULL characters in $string.
 ###############################################################################
 {
         $string = preg_replace('/\0+/', '', $string);
@@ -454 +455 @@
         $string2 = wp_kses_decode_entities($string);
         $string2 = preg_replace('/\s/', '', $string2);
         $string2 = wp_kses_no_null($string2);
+        $string2 = preg_replace('/\xad+/', '', $string2);
+        # deals with Opera "feature"
         $string2 = strtolower($string2);
 
         $allowed = false;