WordPress.org

Make WordPress Core

Changeset 12592


Ignore:
Timestamp:
12/31/09 04:57:54 (4 years ago)
Author:
azaozz
Message:

Fix Press This entity encoding, props noel, fixes #11390

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/press-this.php

    r12546 r12592  
    1313if ( ! current_user_can('edit_posts') ) 
    1414    wp_die( __( 'Cheatin’ uh?' ) ); 
    15  
    16 /** 
    17  * Convert characters. 
    18  * 
    19  * @package WordPress 
    20  * @subpackage Press_This 
    21  * @since 2.6.0 
    22  * 
    23  * @param string $text 
    24  * @return string 
    25  */ 
    26 function aposfix($text) { 
    27     $translation_table[chr(34)] = '"'; 
    28     $translation_table[chr(38)] = '&'; 
    29     $translation_table[chr(39)] = '''; 
    30     return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($text, $translation_table)); 
    31 } 
    3215 
    3316/** 
     
    9376 
    9477// Set Variables 
    95 $title = isset( $_GET['t'] ) ? trim( strip_tags( aposfix( stripslashes( $_GET['t'] ) ) ) ) : ''; 
    96 $selection = isset( $_GET['s'] ) ? trim( htmlspecialchars( html_entity_decode( aposfix( stripslashes( $_GET['s'] ) ) ) ) ) : ''; 
     78$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( stripslashes( $_GET['t'] ) , ENT_QUOTES) ) ) : ''; 
     79 
     80$selection = ''; 
     81if ( !empty($_GET['s']) ) { 
     82    $selection = str_replace(''', "'", stripslashes($_GET['s'])); 
     83    $selection = trim( htmlspecialchars( html_entity_decode($selection, ENT_QUOTES) ) ); 
     84} 
     85 
    9786if ( ! empty($selection) ) { 
    9887    $selection = preg_replace('/(\r?\n|\r)/', '</p><p>', $selection); 
    99     $selection = '<p>'.str_replace('<p></p>', '', $selection).'</p>'; 
     88    $selection = '<p>' . str_replace('<p></p>', '', $selection) . '</p>'; 
    10089} 
    10190 
Note: See TracChangeset for help on using the changeset viewer.