Changeset 15559 for trunk/wp-includes/default-filters.php
- Timestamp:
- 09/02/2010 03:06:07 PM (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/default-filters.php
r15377 r15559 22 22 // Strip, kses, special chars for string display 23 23 foreach ( array( 'term_name', 'comment_author_name', 'link_name', 'link_target', 'link_rel', 'user_display_name', 'user_first_name', 'user_last_name', 'user_nickname' ) as $filter ) { 24 add_filter( $filter, 'sanitize_text_field' ); 25 add_filter( $filter, 'wp_kses_data' ); 24 if ( is_admin() ) { 25 // These are expensive. Run only on admin pages for defense in depth. 26 add_filter( $filter, 'sanitize_text_field' ); 27 add_filter( $filter, 'wp_kses_data' ); 28 } 26 29 add_filter( $filter, '_wp_specialchars', 30 ); 27 30 } … … 32 35 } 33 36 34 // Kses only for textarea saves displays 35 foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) { 36 add_filter( $filter, 'wp_kses_data' ); 37 // Kses only for textarea admin displays 38 if ( is_admin() ) { 39 foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) { 40 add_filter( $filter, 'wp_kses_data' ); 41 } 37 42 } 38 43 … … 44 49 } 45 50 46 // Email display51 // Email admin display 47 52 foreach ( array( 'comment_author_email', 'user_email' ) as $filter ) { 48 53 add_filter( $filter, 'sanitize_email' ); 49 add_filter( $filter, 'wp_kses_data' ); 54 if ( is_admin() ) 55 add_filter( $filter, 'wp_kses_data' ); 50 56 } 51 57 … … 60 66 // Display URL 61 67 foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url' ) as $filter ) { 62 add_filter( $filter, 'wp_strip_all_tags' ); 68 if ( is_admin() ) 69 add_filter( $filter, 'wp_strip_all_tags' ); 63 70 add_filter( $filter, 'esc_url' ); 64 add_filter( $filter, 'wp_kses_data' ); 71 if ( is_admin() ) 72 add_filter( $filter, 'wp_kses_data' ); 65 73 } 66 74
Note: See TracChangeset
for help on using the changeset viewer.