WordPress.org

Make WordPress Core

Ticket #8497: 8497.diff

File 8497.diff, 4.8 KB (added by Denis-de-Bernardy, 9 years ago)

updated and enhanced patch

  • wp-includes/theme.php

     
    180180        $theme_data = implode( '', file( $theme_file ) );
    181181        $theme_data = str_replace ( '\r', '\n', $theme_data );
    182182        if ( preg_match( '|Theme Name:(.*)$|mi', $theme_data, $theme_name ) )
    183                 $name = $theme = wp_kses( trim( $theme_name[1] ), $themes_allowed_tags );
     183                $name = $theme = wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $theme_name[1]) ), $themes_allowed_tags );
    184184        else
    185185                $name = $theme = '';
    186186
    187187        if ( preg_match( '|Theme URI:(.*)$|mi', $theme_data, $theme_uri ) )
    188                 $theme_uri = clean_url( trim( $theme_uri[1] ) );
     188                $theme_uri = clean_url( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $theme_uri[1]) ) );
    189189        else
    190190                $theme_uri = '';
    191191
    192192        if ( preg_match( '|Description:(.*)$|mi', $theme_data, $description ) )
    193                 $description = wptexturize( wp_kses( trim( $description[1] ), $themes_allowed_tags ) );
     193                $description = wptexturize( wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $description[1]) ), $themes_allowed_tags ) );
    194194        else
    195195                $description = '';
    196196
    197197        if ( preg_match( '|Author URI:(.*)$|mi', $theme_data, $author_uri ) )
    198                 $author_uri = clean_url( trim( $author_uri[1]) );
     198                $author_uri = clean_url( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $author_uri[1]) ) );
    199199        else
    200200                $author_uri = '';
    201201
    202202        if ( preg_match( '|Template:(.*)$|mi', $theme_data, $template ) )
    203                 $template = wp_kses( trim( $template[1] ), $themes_allowed_tags );
     203                $template = wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $template[1]) ), $themes_allowed_tags );
    204204        else
    205205                $template = '';
    206206
    207207        if ( preg_match( '|Version:(.*)|i', $theme_data, $version ) )
    208                 $version = wp_kses( trim( $version[1] ), $themes_allowed_tags );
     208                $version = wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $version[1]) ), $themes_allowed_tags );
    209209        else
    210210                $version = '';
    211211
    212212        if ( preg_match('|Status:(.*)|i', $theme_data, $status) )
    213                 $status = wp_kses( trim( $status[1] ), $themes_allowed_tags );
     213                $status = wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $status[1]) ), $themes_allowed_tags );
    214214        else
    215215                $status = 'publish';
    216216
    217217        if ( preg_match('|Tags:(.*)|i', $theme_data, $tags) )
    218                 $tags = array_map( 'trim', explode( ',', wp_kses( trim( $tags[1] ), array() ) ) );
     218                $tags = array_map( 'trim', explode( ',', wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $tags[1]) ), array() ) ) );
    219219        else
    220220                $tags = array();
    221221
    222222        if ( preg_match( '|Author:(.*)$|mi', $theme_data, $author_name ) ) {
    223223                if ( empty( $author_uri ) ) {
    224                         $author = wp_kses( trim( $author_name[1] ), $themes_allowed_tags );
     224                        $author = wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $author_name[1]) ), $themes_allowed_tags );
    225225                } else {
    226                         $author = sprintf( '<a href="%1$s" title="%2$s">%3$s</a>', $author_uri, __( 'Visit author homepage' ), wp_kses( trim( $author_name[1] ), $themes_allowed_tags ) );
     226                        $author = sprintf( '<a href="%1$s" title="%2$s">%3$s</a>', $author_uri, __( 'Visit author homepage' ), wp_kses( trim( preg_replace("/\s*(?:\*\/|\?>).*/", '', $author_name[1]) ), $themes_allowed_tags ) );
    227227                }
    228228        } else {
    229229                $author = __('Anonymous');
  • wp-admin/includes/plugin.php

     
    8686
    8787        foreach ( array( 'name', 'uri', 'version', 'description', 'author_name', 'author_uri', 'text_domain', 'domain_path' ) as $field ) {
    8888                if ( !empty( ${$field} ) )
    89                         ${$field} = trim(${$field}[1]);
     89                        ${$field} = trim(preg_replace("/\s*(?:\*\/|\?>).*/", '', ${$field}[1]));
    9090                else
    9191                        ${$field} = '';
    9292        }
  • wp-admin/includes/file.php

     
    5252        elseif ( file_exists( WP_CONTENT_DIR . $file ) && is_file( WP_CONTENT_DIR . $file ) ) {
    5353                $template_data = implode( '', file( WP_CONTENT_DIR . $file ) );
    5454                if ( preg_match( '|Template Name:(.*)$|mi', $template_data, $name ))
    55                         return $name[1] . ' Page Template';
     55                        return preg_replace("/\s*(?:\*\/|\?>).*/", '', $name[1]) . ' Page Template';
    5656        }
    5757
    5858        return basename( $file );
  • wp-admin/includes/theme.php

     
    133133
    134134                        $name = '';
    135135                        if ( preg_match( '|Template Name:(.*)$|mi', $template_data, $name ) )
    136                                 $name = $name[1];
     136                                $name = preg_replace("/\s*(?:\*\/|\?>).*/", '', $name[1]);
    137137
    138138                        if ( !empty( $name ) ) {
    139139                                $page_templates[trim( $name )] = basename( $template );