Make WordPress Core


Ignore:
Timestamp:
01/09/2009 07:29:35 PM (16 years ago)
Author:
ryan
Message:

Use preg_replace_callback instead of preg_replace with eval. Props beaulebens. see #8689

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/kses.php

    r10150 r10339  
    395395 */
    396396function wp_kses_split($string, $allowed_html, $allowed_protocols) {
    397     return preg_replace('%((<!--.*?(-->|$))|(<[^>]*(>|$)|>))%e',
    398     "wp_kses_split2('\\1', \$allowed_html, ".'$allowed_protocols)', $string);
     397    global $pass_allowed_html, $pass_allowed_protocols;
     398    $pass_allowed_html = $allowed_html;
     399    $pass_allowed_protocols = $allowed_protocols;
     400    return preg_replace_callback('%((<!--.*?(-->|$))|(<[^>]*(>|$)|>))%',
     401        create_function('$match', 'global $pass_allowed_html, $pass_allowed_protocols; return wp_kses_split2($match[1], $pass_allowed_html, $pass_allowed_protocols);'), $string);
    399402}
    400403
     
    10001003 */
    10011004function wp_kses_decode_entities($string) {
    1002     $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
    1003     $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
     1005    $string = preg_replace_callback('/&#([0-9]+);/', create_function('$match', 'return chr($match[1]);'), $string);
     1006    $string = preg_replace_callback('/&#[Xx]([0-9A-Fa-f]+);/', create_function('$match', 'return chr(hexdec($match[1]));'), $string);
    10041007
    10051008    return $string;
Note: See TracChangeset for help on using the changeset viewer.