WordPress.org
Get WordPress

Make WordPress Core

Changeset 1021


Ignore:
Timestamp:
03/29/2004 03:54:57 AM (22 years ago)
Author:
saxmatt
Message:

Fix for preg /e automatically adding slashes under some magic_quotes setting. BLAH.
Fix to not double escape values we're putting into the DB. This is an old, old bug from b2.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-includes/functions-formatting.php

    r985 r1021  
    7171    $pee = preg_replace('!(</?(?:table|thead|tbody|tr|td|th|div|dl|dd|dt|ul|ol|li|pre|select|form|blockquote|p|h[1-6])[^>]*>)\s*<br />!', "$1", $pee);
    7272    $pee = preg_replace('!<br />(\s*</?(?:p|li|div|dl|dd|dt|th|pre|td|ul|ol)>)!', '$1', $pee);
    73     $pee = preg_replace('!(<pre.*?>)(.*?)</pre>!ise', " '$1' .  clean_pre('$2')  . '</pre>' ", $pee);
     73    $pee = preg_replace('!(<pre.*?>)(.*?)</pre>!ise', " stripslashes('$1') .  clean_pre('$2')  . '</pre>' ", $pee);
    7474    $pee = preg_replace('/&([^#])(?![a-z]{1,8};)/', '&#038;$1', $pee);
    7575   
     
    225225    return $content;
    226226}
     227
    227228function unautobrize($content) {
    228229    $content = preg_replace("/<br>\n/", "\n", $content);   //for PHP versions before 4.0.5
     
    233234
    234235function format_to_edit($content) {
    235     global $autobr;
    236236    $content = stripslashes($content);
    237     if ($autobr) { $content = unautobrize($content); }
    238237    $content = htmlspecialchars($content);
    239238    return $content;
    240239}
     240
    241241function format_to_post($content) {
    242     global $post_autobr,$comment_autobr;
    243     $content = addslashes($content);
    244     if ($post_autobr || $comment_autobr) { $content = autobrize($content); }
     242    global $wpdb;
     243    $content = stripslashes(stripslashes($content));
     244    $content = $wpdb->escape($content);
    245245    return $content;
    246246}
Note: See TracChangeset for help on using the changeset viewer.