Make WordPress Core


Ignore:
Timestamp:
12/31/2009 04:57:54 AM (14 years ago)
Author:
azaozz
Message:

Fix Press This entity encoding, props noel, fixes #11390

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/press-this.php

    r12546 r12592  
    1313if ( ! current_user_can('edit_posts') )
    1414    wp_die( __( 'Cheatin’ uh?' ) );
    15 
    16 /**
    17  * Convert characters.
    18  *
    19  * @package WordPress
    20  * @subpackage Press_This
    21  * @since 2.6.0
    22  *
    23  * @param string $text
    24  * @return string
    25  */
    26 function aposfix($text) {
    27     $translation_table[chr(34)] = '"';
    28     $translation_table[chr(38)] = '&';
    29     $translation_table[chr(39)] = ''';
    30     return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($text, $translation_table));
    31 }
    3215
    3316/**
     
    9376
    9477// Set Variables
    95 $title = isset( $_GET['t'] ) ? trim( strip_tags( aposfix( stripslashes( $_GET['t'] ) ) ) ) : '';
    96 $selection = isset( $_GET['s'] ) ? trim( htmlspecialchars( html_entity_decode( aposfix( stripslashes( $_GET['s'] ) ) ) ) ) : '';
     78$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( stripslashes( $_GET['t'] ) , ENT_QUOTES) ) ) : '';
     79
     80$selection = '';
     81if ( !empty($_GET['s']) ) {
     82    $selection = str_replace(''', "'", stripslashes($_GET['s']));
     83    $selection = trim( htmlspecialchars( html_entity_decode($selection, ENT_QUOTES) ) );
     84}
     85
    9786if ( ! empty($selection) ) {
    9887    $selection = preg_replace('/(\r?\n|\r)/', '</p><p>', $selection);
    99     $selection = '<p>'.str_replace('<p></p>', '', $selection).'</p>';
     88    $selection = '<p>' . str_replace('<p></p>', '', $selection) . '</p>';
    10089}
    10190
Note: See TracChangeset for help on using the changeset viewer.