Ticket #29557: miqro-29557.10.patch
File miqro-29557.10.patch, 7.9 KB (added by , 10 years ago) |
---|
-
src/wp-includes/formatting.php
28 28 * @return string The string replaced with html entities 29 29 */ 30 30 function wptexturize($text, $reset = false) { 31 global $wp_cockneyreplace , $shortcode_tags;31 global $wp_cockneyreplace; 32 32 static $static_characters, $static_replacements, $dynamic_characters, $dynamic_replacements, 33 33 $default_no_texturize_tags, $default_no_texturize_shortcodes, $run_texturize = true; 34 34 … … 205 205 206 206 // Look for shortcodes and HTML elements. 207 207 208 $tagnames = array_keys( $shortcode_tags ); 209 $tagregexp = join( '|', array_map( 'preg_quote', $tagnames ) ); 210 $tagregexp = "(?:$tagregexp)(?![\\w-])"; // Excerpt of get_shortcode_regex(). 208 $comment_regex = 209 '!' // Start of comment, after the <. 210 . '(?:' // Unroll the loop: Consume everything until --> is found. 211 . '-(?!->)' // Dash not followed by end of comment. 212 . '[^\-]*+' // Consume non-dashes. 213 . ')*+' // Loop possessively. 214 . '(?:-->)?'; // End of comment. If not found, match all input. 211 215 212 $regex = '/(' // Capture the entire match. 213 . '<' // Find start of element. 214 . '(?(?=!--)' // Is this a comment? 215 . '.+?--\s*>' // Find end of comment 216 $shortcode_regex = 217 '\[' // Find start of shortcode. 218 . '[\/\[]?' // Shortcodes may begin with [/ or [[ 219 . '[^\s\/\[\]]' // No whitespace before name. 220 . '[^\[\]]*+' // Shortcodes do not contain other shortcodes. Possessive critical. 221 . '\]' // Find end of shortcode. 222 . '\]?'; // Shortcodes may end with ]] 223 224 $regex = 225 '/(' // Capture the entire match. 226 . '<' // Find start of element. 227 . '(?(?=!--)' // Is this a comment? 228 . $comment_regex // Find end of comment. 229 . '|' 230 . '[^>]+>' // Find end of element. 231 . ')' 216 232 . '|' 217 . '[^>]+>' // Find end of element 218 . ')' 219 . '|' 220 . '\[' // Find start of shortcode. 221 . '\[?' // Shortcodes may begin with [[ 222 . '\/?' // Closing slash may precede name. 223 . $tagregexp // Only match registered shortcodes, because performance. 224 . '[^\[\]]*' // Shortcodes do not contain other shortcodes. 225 . '\]' // Find end of shortcode. 226 . '\]?' // Shortcodes may end with ]] 227 . ')/s'; 233 . $shortcode_regex // Find shortcodes. 234 . ')/s'; 228 235 229 236 $textarr = preg_split( $regex, $text, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY ); 230 237 … … 231 238 foreach ( $textarr as &$curl ) { 232 239 // Only call _wptexturize_pushpop_element if $curl is a delimiter. 233 240 $first = $curl[0]; 234 if ( '<' === $first && ' >' === substr( $curl, -1) ) {235 // This is an HTML delimiter.241 if ( '<' === $first && '<!--' === substr( $curl, 0, 4 ) ) { 242 // This is an HTML comment delimeter. 236 243 237 if ( '<!--' !== substr( $curl, 0, 4 ) ) { 238 _wptexturize_pushpop_element( $curl, $no_texturize_tags_stack, $no_texturize_tags ); 239 } 244 continue; 240 245 246 } elseif ( '<' === $first && '>' === substr( $curl, -1 ) ) { 247 // This is an HTML element delimiter. 248 249 _wptexturize_pushpop_element( $curl, $no_texturize_tags_stack, $no_texturize_tags ); 250 241 251 } elseif ( '' === trim( $curl ) ) { 242 252 // This is a newline between delimiters. Performance improves when we check this. 243 253 244 254 continue; 245 255 246 } elseif ( '[' === $first && 1 === preg_match( '/^ \[\[?\/?' . $tagregexp . '[^\[\]]*\]\]?$/', $curl ) ) {256 } elseif ( '[' === $first && 1 === preg_match( '/^' . $shortcode_regex . '$/', $curl ) ) { 247 257 // This is a shortcode delimiter. 248 258 249 259 if ( '[[' !== substr( $curl, 0, 2 ) && ']]' !== substr( $curl, -2 ) ) { -
src/wp-includes/shortcodes.php
231 231 $tagregexp = join( '|', array_map('preg_quote', $tagnames) ); 232 232 233 233 // WARNING! Do not change this regex without changing do_shortcode_tag() and strip_shortcode_tag() 234 // Also, see shortcode_unautop() and shortcode.js and wptexturize().234 // Also, see shortcode_unautop() and shortcode.js. 235 235 return 236 236 '\\[' // Opening bracket 237 237 . '(\\[?)' // 1: Optional second opening bracket for escaping shortcodes: [[tag]] -
tests/phpunit/tests/formatting/WPTexturize.php
1188 1188 function data_tag_avoidance() { 1189 1189 return array( 1190 1190 array( 1191 '[ ... ]', 1192 '[ … ]', 1193 ), 1194 array( 1191 1195 '[ is it wise to <a title="allow user content ] here? hmm"> maybe </a> ]', 1192 1196 '[ is it wise to <a title="allow user content ] here? hmm"> maybe </a> ]', 1193 1197 ), 1194 1198 array( 1199 '[is it wise to <a title="allow user content ] here? hmm"> maybe </a> ]', // HTML corruption is a known bug. See tickets #12690 and #29557. 1200 '[is it wise to <a title="allow user content ] here? hmm”> maybe </a> ]', 1201 ), 1202 array( 1203 '[caption - is it wise to <a title="allow user content ] here? hmm"> maybe </a> ]', 1204 '[caption - is it wise to <a title="allow user content ] here? hmm”> maybe </a> ]', 1205 ), 1206 array( 1195 1207 '[ photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy </a> ]', 1196 1208 '[ photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy </a> ]', 1197 1209 ), 1198 1210 array( 1211 '[photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy </a>]', 1212 '[photos by <a href="http://example.com/?a[]=1&a[]=2"> this guy </a>]', 1213 ), 1214 array( 1199 1215 '[gallery ...]', 1200 1216 '[gallery ...]', 1201 1217 ), … … 1212 1228 '[/gallery ...]', 1213 1229 ), 1214 1230 array( 1215 '[...]...[/...]', // These are potentially usable shortcodes.1216 '[…]…[/…]',1217 ),1218 array(1219 1231 '[[gallery]]...[[/gallery]]', // Shortcode parsing will ignore the inner ]...[ part and treat this as a single escaped shortcode. 1220 1232 '[[gallery]]…[[/gallery]]', 1221 1233 ), … … 1224 1236 '[[[gallery]]]…[[[/gallery]]]', 1225 1237 ), 1226 1238 array( 1227 '[gal>ery ...]',1228 '[gal>ery …]',1229 ),1230 array(1231 1239 '[gallery ...', 1232 1240 '[gallery …', 1233 1241 ), … … 1300 1308 '<!--...-->', 1301 1309 ), 1302 1310 array( 1303 '<!-- ... -- > ',1304 '<!-- ... -- > ',1311 '<!-- ... -- > ...', 1312 '<!-- ... -- > ...', 1305 1313 ), 1306 1314 array( 1315 '<!-- ...', // An unclosed comment is still a comment. 1316 '<!-- ...', 1317 ), 1318 array( 1319 'a<!-->b', // Browsers seem to allow this. 1320 'a<!-->b', 1321 ), 1322 array( 1323 'a<!--->b', 1324 'a<!--->b', 1325 ), 1326 array( 1327 'a<!---->b', 1328 'a<!---->b', 1329 ), 1330 array( 1331 'a<!----->b', 1332 'a<!----->b', 1333 ), 1334 array( 1335 'a<!-- c --->b', 1336 'a<!-- c --->b', 1337 ), 1338 array( 1339 'a<!-- c -- d -->b', 1340 'a<!-- c -- d -->b', 1341 ), 1342 array( 1343 'a<!-- <!-- c --> -->b<!-- close -->', 1344 'a<!-- <!-- c --> –>b<!-- close -->', 1345 ), 1346 array( 1307 1347 '<!-- <br /> [gallery] ... -->', 1308 1348 '<!-- <br /> [gallery] ... -->', 1309 1349 ), … … 1727 1767 ), 1728 1768 array( 1729 1769 '[code ...]...[/code]', // code is not a registered shortcode. 1730 '[code …]…[/code]',1770 '[code ...]...[/code]', 1731 1771 ), 1732 1772 array( 1733 1773 '[hello ...]...[/hello]', // hello is not a registered shortcode. 1734 '[hello …]…[/hello]',1774 '[hello ...]…[/hello]', 1735 1775 ), 1736 1776 array( 1777 '[...]...[/...]', // These are potentially usable shortcodes. 1778 '[...]…[/...]', 1779 ), 1780 array( 1781 '[gal>ery ...]', 1782 '[gal>ery ...]', 1783 ), 1784 array( 1785 '[randomthing param="test"]', 1786 '[randomthing param="test"]', 1787 ), 1788 array( 1737 1789 '[[audio]...[/audio]...', // These are potentially usable shortcodes. Unfortunately, the meaning of [[audio] is ambiguous unless we run the entire shortcode regexp. 1738 1790 '[[audio]…[/audio]…', 1739 1791 ),