diff --git src/wp-includes/class-wp-customize-control.php src/wp-includes/class-wp-customize-control.php
index dcebb0f..ef32508 100644
|
|
|
class WP_Customize_Control { |
| 223 | 223 | $this->json['active'] = $this->active(); |
| 224 | 224 | $this->json['section'] = $this->section; |
| 225 | 225 | $this->json['content'] = $this->get_content(); |
| 226 | | $this->json['label'] = $this->label; |
| 227 | | $this->json['description'] = $this->description; |
| | 226 | $this->json['label'] = wp_decode_entities( $this->label ); |
| | 227 | $this->json['description'] = wp_decode_entities( $this->description ); |
| 228 | 228 | } |
| 229 | 229 | |
| 230 | 230 | /** |
diff --git src/wp-includes/class-wp-customize-setting.php src/wp-includes/class-wp-customize-setting.php
index 7d3511c..de82039 100644
|
|
|
class WP_Customize_Setting { |
| 372 | 372 | */ |
| 373 | 373 | $value = apply_filters( "customize_sanitize_js_{$this->id}", $this->value(), $this ); |
| 374 | 374 | |
| 375 | | if ( is_string( $value ) ) |
| 376 | | return html_entity_decode( $value, ENT_QUOTES, 'UTF-8'); |
| | 375 | if ( is_string( $value ) ) { |
| | 376 | $value = wp_decode_entities( $value ); |
| | 377 | } |
| 377 | 378 | |
| 378 | 379 | return $value; |
| 379 | 380 | } |
diff --git src/wp-includes/formatting.php src/wp-includes/formatting.php
index 411eaa8..8be14aa 100644
|
|
|
function htmlentities2($myHTML) { |
| 3104 | 3104 | } |
| 3105 | 3105 | |
| 3106 | 3106 | /** |
| | 3107 | * Decode all (HTML) entities into characters in the blog's charset. |
| | 3108 | * |
| | 3109 | * Useful to export a string into JavaScript, passing into wp_json_encode() |
| | 3110 | * |
| | 3111 | * @since 4.1.0 |
| | 3112 | * |
| | 3113 | * @param string $string The text with encoded entities. |
| | 3114 | * @return string Decoded text. |
| | 3115 | */ |
| | 3116 | function wp_decode_entities( $string ) { |
| | 3117 | $quote_style = ENT_QUOTES; |
| | 3118 | if ( defined( 'ENT_HTML5' ) ) { |
| | 3119 | $quote_style |= ENT_HTML5; |
| | 3120 | } |
| | 3121 | return html_entity_decode( $string, $quote_style, get_bloginfo( 'charset' ) ); |
| | 3122 | } |
| | 3123 | |
| | 3124 | /** |
| 3107 | 3125 | * Escape single quotes, htmlspecialchar " < > &, and fix line endings. |
| 3108 | 3126 | * |
| 3109 | 3127 | * Escapes text strings for echoing in JS. It is intended to be used for inline JS |
diff --git tests/phpunit/tests/formatting/WPDecodeEntities.php tests/phpunit/tests/formatting/WPDecodeEntities.php
new file mode 100644
index 0000000..b78db5a
|
-
|
+
|
|
| | 1 | <?php |
| | 2 | /** |
| | 3 | * encoding: utf-8 |
| | 4 | */ |
| | 5 | |
| | 6 | /** |
| | 7 | * @group formatting |
| | 8 | */ |
| | 9 | class Tests_Formatting_WPDecodeEntities extends WP_UnitTestCase { |
| | 10 | |
| | 11 | function setUp() { |
| | 12 | parent::setUp(); |
| | 13 | if ( 'UTF-8' !== strtoupper( get_bloginfo( 'charset' ) ) ) { |
| | 14 | $this->markTestSkipped( 'Blog must be in UTF-8 since this is the encoding used in the source file.' ); |
| | 15 | } |
| | 16 | } |
| | 17 | |
| | 18 | function test_decode_quotes() { |
| | 19 | $encoded = 'This's "the" thing's thing.'; |
| | 20 | $decoded = 'This\'s "the" thing\'s thing.'; |
| | 21 | $this->assertEquals( $decoded, wp_decode_entities( $encoded ) ); |
| | 22 | } |
| | 23 | |
| | 24 | function test_decode_non_ascii() { |
| | 25 | $encoded = 'This’s “the” thing’s thing.'; |
| | 26 | $decoded = 'This’s “the” thing’s thing.'; |
| | 27 | $this->assertEquals( $decoded, wp_decode_entities( $encoded ) ); |
| | 28 | } |
| | 29 | } |