Make WordPress Core

Changeset 13648


Ignore:
Timestamp:
03/10/2010 06:45:28 PM (15 years ago)
Author:
ryan
Message:

Fix numeric entity logic in kses. Props miqrogroove. see #12284

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/kses.php

    r13561 r13648  
    997997
    998998    $string = preg_replace_callback('/&([A-Za-z]{2,8});/', 'wp_kses_named_entities', $string);
    999     $string = preg_replace_callback('/&#0*([0-9]{1,5});/', 'wp_kses_normalize_entities2', $string);
    1000     $string = preg_replace_callback('/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', 'wp_kses_normalize_entities3', $string);
     999    $string = preg_replace_callback('/&#(0*[0-9]{1,7});/', 'wp_kses_normalize_entities2', $string);
     1000    $string = preg_replace_callback('/&#[Xx](0*[0-9A-Fa-f]{1,6});/', 'wp_kses_normalize_entities3', $string);
    10011001
    10021002    return $string;
     
    10411041
    10421042    $i = $matches[1];
    1043     return ( ( ! valid_unicode($i) ) || ($i > 65535) ? "&#$i;" : "&#$i;" );
     1043    if (valid_unicode($i)) {
     1044        $i = str_pad(ltrim($i,'0'), 3, '0', STR_PAD_LEFT);
     1045        $i = "&#$i;";
     1046    } else {
     1047        $i = "&#$i;";
     1048    }
     1049
     1050    return $i;
    10441051}
    10451052
     
    10561063 */
    10571064function wp_kses_normalize_entities3($matches) {
    1058     if ( empty($matches[2]) )
     1065    if ( empty($matches[1]) )
    10591066        return '';
    10601067
    1061     $hexchars = $matches[2];
    1062     return ( ( ! valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : "&#x$hexchars;" );
     1068    $hexchars = $matches[1];
     1069    return ( ( ! valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : '&#x'.ltrim($hexchars,'0').';' );
    10631070}
    10641071
Note: See TracChangeset for help on using the changeset viewer.