Make WordPress Core

Ticket #30967: 30967.diff

File 30967.diff, 609 bytes (added by MikeHansenMe, 10 years ago)
  • src/wp-includes/formatting.php

     
    13501350        //Limit to A-Z,a-z,0-9,_,-
    13511351        $sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );
    13521352
    1353         if ( '' == $sanitized )
    1354                 $sanitized = $fallback;
     1353        if ( '' == $sanitized ) {
     1354                $sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $fallback );
     1355                $sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );
     1356        }
    13551357
    13561358        /**
    13571359         * Filter a sanitized HTML class string.