Make WordPress Core


Ignore:
Timestamp:
10/02/2004 12:46:30 AM (20 years ago)
Author:
emc3
Message:

Security: Clean up user inputs before using.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/functions.php

    r1726 r1727  
    17171717}
    17181718
     1719// Borrowed from the PHP Manual user notes. Convert entities, while
     1720// preserving already-encoded entities:
     1721function htmlentities2($myHTML) {
     1722    $translation_table=get_html_translation_table (HTML_ENTITIES,ENT_QUOTES);
     1723    $translation_table[chr(38)] = '&';
     1724    return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($myHTML, $translation_table));
     1725}
     1726
    17191727?>
Note: See TracChangeset for help on using the changeset viewer.