Make WordPress Core


Ignore:
Timestamp:
09/15/2009 10:11:59 AM (15 years ago)
Author:
azaozz
Message:

Strip \r when escaping strings for JS, props nbachiyski, fixes #7041

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/formatting.php

    r11930 r11935  
    22002200
    22012201/**
    2202  * Escape single quotes, specialchar double quotes, and fix line endings.
    2203  *
     2202 * Escape single quotes, htmlspecialchar " < > &, and fix line endings.
     2203 *
     2204 * Escapes text strings for echoing in JS, both inline (for example in onclick="...")
     2205 * and inside <script> tag. Note that the strings have to be in single quotes.
    22042206 * The filter 'js_escape' is also applied here.
    22052207 *
     
    22132215    $safe_text = _wp_specialchars( $safe_text, ENT_COMPAT );
    22142216    $safe_text = preg_replace( '/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes( $safe_text ) );
    2215     $safe_text = preg_replace( "/\r?\n/", "\\n", addslashes( $safe_text ) );
     2217    $safe_text = str_replace( "\r", '', $safe_text );
     2218    $safe_text = str_replace( "\n", '\\n', addslashes( $safe_text ) );
    22162219    return apply_filters( 'js_escape', $safe_text, $text );
    22172220}
Note: See TracChangeset for help on using the changeset viewer.