Ticket #8497: 8497.3.diff

wp-includes/theme.php

@@ -162 +162 @@
  * @return array Theme data.
  */
 function get_theme_data( $theme_file ) {
+        if( !function_exists( '_cleanup_header_comment' ) )
+                require_once( ABSPATH . 'wp-admin/includes/misc.php' );
+
         $themes_allowed_tags = array(
                 'a' => array(
                         'href' => array(),'title' => array()
@@ -180 +183 @@
         $theme_data = implode( '', file( $theme_file ) );
         $theme_data = str_replace ( '\r', '\n', $theme_data );
         if ( preg_match( '|Theme Name:(.*)$|mi', $theme_data, $theme_name ) )
-                $name = $theme = wp_kses( trim( $theme_name[1] ), $themes_allowed_tags );
+                $name = $theme = wp_kses( _cleanup_header_comment($theme_name[1]), $themes_allowed_tags );
         else
                 $name = $theme = '';
 
         if ( preg_match( '|Theme URI:(.*)$|mi', $theme_data, $theme_uri ) )
-                $theme_uri = clean_url( trim( $theme_uri[1] ) );
+                $theme_uri = clean_url( _cleanup_header_comment($theme_uri[1]) );
         else
                 $theme_uri = '';
 
         if ( preg_match( '|Description:(.*)$|mi', $theme_data, $description ) )
-                $description = wptexturize( wp_kses( trim( $description[1] ), $themes_allowed_tags ) );
+                $description = wptexturize( wp_kses( _cleanup_header_comment($description[1]), $themes_allowed_tags ) );
         else
                 $description = '';
 
         if ( preg_match( '|Author URI:(.*)$|mi', $theme_data, $author_uri ) )
-                $author_uri = clean_url( trim( $author_uri[1]) );
+                $author_uri = clean_url( _cleanup_header_comment($author_uri[1]) );
         else
                 $author_uri = '';
 
         if ( preg_match( '|Template:(.*)$|mi', $theme_data, $template ) )
-                $template = wp_kses( trim( $template[1] ), $themes_allowed_tags );
+                $template = wp_kses( _cleanup_header_comment($template[1]), $themes_allowed_tags );
         else
                 $template = '';
 
         if ( preg_match( '|Version:(.*)|i', $theme_data, $version ) )
-                $version = wp_kses( trim( $version[1] ), $themes_allowed_tags );
+                $version = wp_kses( _cleanup_header_comment($version[1]), $themes_allowed_tags );
         else
                 $version = '';
 
         if ( preg_match('|Status:(.*)|i', $theme_data, $status) )
-                $status = wp_kses( trim( $status[1] ), $themes_allowed_tags );
+                $status = wp_kses( _cleanup_header_comment($status[1]), $themes_allowed_tags );
         else
                 $status = 'publish';
 
         if ( preg_match('|Tags:(.*)|i', $theme_data, $tags) )
-                $tags = array_map( 'trim', explode( ',', wp_kses( trim( $tags[1] ), array() ) ) );
+                $tags = array_map( 'trim', explode( ',', wp_kses( _cleanup_header_comment($tags[1]), array() ) ) );
         else
                 $tags = array();
 
         if ( preg_match( '|Author:(.*)$|mi', $theme_data, $author_name ) ) {
                 if ( empty( $author_uri ) ) {
-                        $author = wp_kses( trim( $author_name[1] ), $themes_allowed_tags );
+                        $author = wp_kses( _cleanup_header_comment($author_name[1]), $themes_allowed_tags );
                 } else {
-                        $author = sprintf( '<a href="%1$s" title="%2$s">%3$s</a>', $author_uri, __( 'Visit author homepage' ), wp_kses( trim( $author_name[1] ), $themes_allowed_tags ) );
+                        $author = sprintf( '<a href="%1$s" title="%2$s">%3$s</a>', $author_uri, __( 'Visit author homepage' ), wp_kses( _cleanup_header_comment($author_name[1]), $themes_allowed_tags ) );
                 }
         } else {
                 $author = __('Anonymous');

wp-admin/includes/plugin.php

@@ -66 +66 @@
  * @return array See above for description.
  */
 function get_plugin_data( $plugin_file, $markup = true, $translate = true ) {
+        if( !function_exists( '_cleanup_header_comment' ) )
+                require_once( ABSPATH . 'wp-admin/includes/misc.php' );
+        
         // We don't need to write to the file, so just open for reading.
         $fp = fopen($plugin_file, 'r');
 
@@ -86 +89 @@
 
         foreach ( array( 'name', 'uri', 'version', 'description', 'author_name', 'author_uri', 'text_domain', 'domain_path' ) as $field ) {
                 if ( !empty( ${$field} ) )
-                        ${$field} = trim(${$field}[1]);
+                        ${$field} = _cleanup_header_comment(${$field}[1]);
                 else
                         ${$field} = '';
         }

wp-admin/includes/file.php

@@ -52 +52 @@
         elseif ( file_exists( WP_CONTENT_DIR . $file ) && is_file( WP_CONTENT_DIR . $file ) ) {
                 $template_data = implode( '', file( WP_CONTENT_DIR . $file ) );
                 if ( preg_match( '|Template Name:(.*)$|mi', $template_data, $name ))
-                        return $name[1] . ' Page Template';
+                        return _cleanup_header_comment($name[1]) . ' Page Template';
         }
 
         return basename( $file );

wp-admin/includes/misc.php

@@ -370 +370 @@
                 exit;
         }
 }
+
+
+/**
+ * Strip close comment and close php tags from file headers used by WP
+ * See http://core.trac.wordpress.org/ticket/8497
+ *
+ * @since 2.8
+**/
+function _cleanup_header_comment($str) {
+        return trim(preg_replace("/\s*(?:\*\/|\?>).*/", '', $str));
+}
+

wp-admin/includes/theme.php

@@ -133 +133 @@
 
                         $name = '';
                         if ( preg_match( '|Template Name:(.*)$|mi', $template_data, $name ) )
-                                $name = $name[1];
+                                $name = _cleanup_header_comment($name[1]);
 
                         if ( !empty( $name ) ) {
                                 $page_templates[trim( $name )] = basename( $template );