Changeset 32603
- Timestamp:
- 05/26/2015 06:05:22 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/kses.php
r31205 r32603 514 514 * @since 1.0.0 515 515 * 516 * @param string $string Content to filter through kses517 * @param array $allowed_htmlList of allowed HTML elements518 * @param array $allowed_protocols Optional. Allowed protocol in links.516 * @param string $string Content to filter through kses 517 * @param array $allowed_html List of allowed HTML elements 518 * @param array $allowed_protocols Optional. Allowed protocol in links. 519 519 * @return string Filtered content with only allowed HTML elements 520 520 */ … … 534 534 * @since 3.5.0 535 535 * 536 * @param string $context The context for which to retrieve tags. Allowed values are 537 * post | strip | data | entities or the name of a field filter such as pre_user_description. 536 * @global array $allowedposttags 537 * @global array $allowedtags 538 * @global array $allowedentitynames 539 * 540 * @param string $context The context for which to retrieve tags. 541 * Allowed values are post, strip, data,entities, or 542 * the name of a field filter such as pre_user_description. 538 543 * @return array List of allowed tags and their allowed attributes. 539 544 */ … … 589 594 * @since 1.0.0 590 595 * 591 * @param string $string Content to filter through kses592 * @param array $allowed_htmlList of allowed HTML elements593 * @param array $allowed_protocols Allowed protocol in links596 * @param string $string Content to filter through kses 597 * @param array $allowed_html List of allowed HTML elements 598 * @param array $allowed_protocols Allowed protocol in links 594 599 * @return string Filtered content through 'pre_kses' hook 595 600 */ … … 604 609 * @param array $allowed_protocols Allowed protocol in links. 605 610 */ 606 $string = apply_filters( 'pre_kses', $string, $allowed_html, $allowed_protocols ); 607 return $string; 611 return apply_filters( 'pre_kses', $string, $allowed_html, $allowed_protocols ); 608 612 } 609 613 … … 626 630 * @since 1.0.0 627 631 * 628 * @param string $string Content to filter 629 * @param array $allowed_html Allowed HTML elements 630 * @param array $allowed_protocols Allowed protocols to keep 632 * @global array $pass_allowed_html 633 * @global array $pass_allowed_protocols 634 * 635 * @param string $string Content to filter 636 * @param array $allowed_html Allowed HTML elements 637 * @param array $allowed_protocols Allowed protocols to keep 631 638 * @return string Content with fixed HTML tags 632 639 */ … … 643 650 * @since 3.1.0 644 651 * @access private 652 * 653 * @global array $pass_allowed_html 654 * @global array $pass_allowed_protocols 655 * 656 * @return string 645 657 */ 646 658 function _wp_kses_split_callback( $match ) { … … 664 676 * @since 1.0.0 665 677 * 666 * @param string $string Content to filter667 * @param array $allowed_htmlAllowed HTML elements668 * @param array $allowed_protocols Allowed protocols to keep678 * @param string $string Content to filter 679 * @param array $allowed_html Allowed HTML elements 680 * @param array $allowed_protocols Allowed protocols to keep 669 681 * @return string Fixed HTML element 670 682 */ … … 723 735 * @since 1.0.0 724 736 * 725 * @param string $element HTML element/tag726 * @param string $attr HTML attributes from HTML element to closing HTML element tag727 * @param array $allowed_htmlAllowed HTML elements728 * @param array $allowed_protocols Allowed protocols to keep737 * @param string $element HTML element/tag 738 * @param string $attr HTML attributes from HTML element to closing HTML element tag 739 * @param array $allowed_html Allowed HTML elements 740 * @param array $allowed_protocols Allowed protocols to keep 729 741 * @return string Sanitized HTML element 730 742 */ … … 808 820 * @since 1.0.0 809 821 * 810 * @param string $attr Attribute list from HTML element to closing HTML element tag811 * @param array $allowed_protocols Allowed protocols to keep822 * @param string $attr Attribute list from HTML element to closing HTML element tag 823 * @param array $allowed_protocols Allowed protocols to keep 812 824 * @return array List of attributes after parsing 813 825 */ … … 932 944 * @since 1.0.0 933 945 * 934 * @param string $value Attribute value935 * @param string $vless Whether the value is valueless. Use 'y' or 'n'936 * @param string $checkname What $checkvalue is checking for.937 * @param mixed $checkvalue What constraint the value should pass946 * @param string $value Attribute value 947 * @param string $vless Whether the value is valueless. Use 'y' or 'n' 948 * @param string $checkname What $checkvalue is checking for. 949 * @param mixed $checkvalue What constraint the value should pass 938 950 * @return bool Whether check passes 939 951 */ … … 1006 1018 * @since 1.0.0 1007 1019 * 1008 * @param string $string Content to filter bad protocols from1009 * @param array $allowed_protocols Allowed protocols to keep1020 * @param string $string Content to filter bad protocols from 1021 * @param array $allowed_protocols Allowed protocols to keep 1010 1022 * @return string Filtered content 1011 1023 */ … … 1117 1129 * @since 1.0.0 1118 1130 * 1119 * @param string $string Content to check for bad protocols1131 * @param string $string Content to check for bad protocols 1120 1132 * @param string $allowed_protocols Allowed protocols 1121 1133 * @return string Sanitized content … … 1148 1160 * @since 1.0.0 1149 1161 * 1150 * @param string $string URI scheme to check against the whitelist1162 * @param string $string URI scheme to check against the whitelist 1151 1163 * @param string $allowed_protocols Allowed protocols 1152 1164 * @return string Sanitized content … … 1184 1196 function wp_kses_normalize_entities($string) { 1185 1197 // Disarm all entities by converting & to & 1186 1187 1198 $string = str_replace('&', '&', $string); 1188 1199 1189 1200 // Change back the allowed entities in our entity whitelist 1190 1191 1201 $string = preg_replace_callback('/&([A-Za-z]{2,8}[0-9]{0,2});/', 'wp_kses_named_entities', $string); 1192 1202 $string = preg_replace_callback('/&#(0*[0-9]{1,7});/', 'wp_kses_normalize_entities2', $string); … … 1204 1214 * @since 3.0.0 1205 1215 * 1216 * @global array $allowedentitynames 1217 * 1206 1218 * @param array $matches preg_replace_callback() matches array 1207 1219 * @return string Correctly encoded entity … … 1214 1226 1215 1227 $i = $matches[1]; 1216 return ( ( ! in_array($i, $allowedentitynames) ) ? "&$i;" : "&$i;" );1228 return ( ! in_array( $i, $allowedentitynames ) ) ? "&$i;" : "&$i;"; 1217 1229 } 1218 1230 … … 1260 1272 1261 1273 $hexchars = $matches[1]; 1262 return ( ( ! valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : '&#x'.ltrim($hexchars,'0').';' );1274 return ( ! valid_unicode( hexdec( $hexchars ) ) ) ? "&#x$hexchars;" : '&#x'.ltrim($hexchars,'0').';'; 1263 1275 } 1264 1276 … … 1336 1348 */ 1337 1349 function wp_kses_data( $data ) { 1338 return wp_kses( $data 1350 return wp_kses( $data, current_filter() ); 1339 1351 } 1340 1352 … … 1350 1362 * @return string Filtered post content with allowed HTML tags and attributes intact. 1351 1363 */ 1352 function wp_filter_post_kses( $data) {1353 return addslashes 1364 function wp_filter_post_kses( $data ) { 1365 return addslashes( wp_kses( stripslashes( $data ), 'post' ) ); 1354 1366 } 1355 1367 … … 1365 1377 * @return string Filtered post content with allowed HTML tags and attributes intact. 1366 1378 */ 1367 function wp_kses_post( $data) {1368 return wp_kses( $data 1379 function wp_kses_post( $data ) { 1380 return wp_kses( $data, 'post' ); 1369 1381 } 1370 1382 … … 1378 1390 */ 1379 1391 function wp_filter_nohtml_kses( $data ) { 1380 return addslashes 1392 return addslashes( wp_kses( stripslashes( $data ), 'strip' ) ); 1381 1393 } 1382 1394
Note: See TracChangeset
for help on using the changeset viewer.