Changeset 32850
- Timestamp:
- 06/18/2015 09:59:10 PM (9 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
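--- a/trunk/src/wp-includes/formatting.php
+++ b/trunk/src/wp-includes/formatting.php
@@ -689,22 +689,5 @@
 }
 
-// Handle double encoding ourselves
-if ( $double_encode ) {
-$string = @htmlspecialchars( $string, $quote_style, $charset );
-} else {
-// Decode & into &
-$string = wp_specialchars_decode( $string, $_quote_style );
-
-// Guarantee every &entity; is valid or re-encode the &
-$string = wp_kses_normalize_entities( $string );
-
-// Now re-encode everything except &entity;
-$string = preg_split( '/(&#?x?[0-9a-z]+;)/i', $string, -1, PREG_SPLIT_DELIM_CAPTURE );
-
-for ( $i = 0, $c = count( $string ); $i < $c; $i += 2 ) {
-$string[$i] = @htmlspecialchars( $string[$i], $quote_style, $charset );
-}
-$string = implode( '', $string );
-}
+$string = @htmlspecialchars( $string, $quote_style, $charset, $double_encode );
 
 // Backwards compatibility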
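Review bot: With `$double_encode` false, the single call on new line 691 leaves it to PHP to decide which `&name;` sequences count as existing entities, whereas the removed branch ran `wp_kses_normalize_entities()` first so that only entities WordPress recognises were left unescaped. What PHP accepts here depends on the flags passed and, as far as I know, on the PHP version, so the escaped output of this function can differ between hosts; the `apos` skip added to WPSpecialchars.php in this changeset is one visible symptom. I would document that above the call, e.g. `// When $double_encode is false, PHP's entity table (not $allowedentitynames) decides what is left unescaped.`, and run the new `&garbage;` data-provider cases on every supported PHP version before relying on this. The enclosing function starts and ends outside this hunk.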
trunk/tests/phpunit/tests/formatting/EscAttr.php
r25002 r32850 27 27 28 28 function test_esc_attr_amp() { 29 $out = esc_attr( 'foo & bar &baz; & apos;' );30 $this->assertEquals( "foo & bar &baz; & apos;", $out );29 $out = esc_attr( 'foo & bar &baz; ' ); 30 $this->assertEquals( "foo & bar &baz; ", $out ); 31 31 } 32 32 } -
trunk/tests/phpunit/tests/formatting/EscHtml.php
r25002 r32850 35 35 function test_ignores_existing_entities() { 36 36 $source = '& £ " &'; 37 $res = '& amp; £ " &';37 $res = '& £ " &'; 38 38 $this->assertEquals( $res, esc_html($source) ); 39 39 } -
trunk/tests/phpunit/tests/formatting/JSEscape.php
r25002 r32850 24 24 25 25 function test_js_escape_amp() { 26 $out = esc_js('foo & bar &baz; & apos;');27 $this->assertEquals("foo & bar &baz; & apos;", $out);26 $out = esc_js('foo & bar &baz; '); 27 $this->assertEquals("foo & bar &baz; ", $out); 28 28 } 29 29 30 30 function test_js_escape_quote_entity() { 31 31 $out = esc_js('foo ' bar ' baz &'); 32 $this->assertEquals("foo \\' bar \\' baz & amp;", $out);32 $this->assertEquals("foo \\' bar \\' baz &", $out); 33 33 } 34 34 -
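--- a/trunk/tests/phpunit/tests/formatting/WPSpecialchars.php
+++ b/trunk/tests/phpunit/tests/formatting/WPSpecialchars.php
@@ -18,4 +18,8 @@
 // Allowed entities should be unchanged
 foreach ( $allowedentitynames as $ent ) {
+if ( 'apos' == $ent ) {
+// But for some reason, PHP doesn't allow '
+continue;
+}
 $ent = '&' . $ent . ';';
 $this->assertEquals( $ent, _wp_specialchars( $ent ) );
@@ -40,3 +44,57 @@
 $this->assertEquals( $source, _wp_specialchars($source) );
 }
+
+/**
+* Check some of the double-encoding features for entity references.
+*
+* @ticket 17780
+* @dataProvider data_double_encoding
+*/
+function test_double_encoding( $input, $output ) {
+return $this->assertEquals( $output, _wp_specialchars( $input, ENT_NOQUOTES, false, true ) );
+}
+
+function data_double_encoding() {
+return array(
+array(
+'This & that, this & that, — " " Ú " " " " " $ ×',
+'This & that, this &amp; that, &#8212; &quot; &QUOT; &Uacute; &nbsp; &#34; &#034; &#0034; &#x00022; &#x22; &dollar; &times;',
+),
+array(
+'&& && && &;',
+'&& &&amp; &amp;&amp; &amp;;',
+),
+array(
+'&garbage; &***; &aaaa; &0000; &####; &;;',
+'&garbage; &***; &aaaa; &0000; &####; &;;',
+),
+);
+}
+
+/**
+* Check some of the double-encoding features for entity references.
+*
+* @ticket 17780
+* @dataProvider data_no_double_encoding
+*/
+function test_no_double_encoding( $input, $output ) {
+return $this->assertEquals( $output, _wp_specialchars( $input, ENT_NOQUOTES, false, false ) );
+}
+
+function data_no_double_encoding() {
+return array(
+array(
+'This & that, this & that, — " " Ú " " " " " $ ×',
+'This & that, this & that, — " &QUOT; Ú " " " " " &dollar; ×',
+),
+array(
+'&& && && &;',
+'&& && && &;',
+),
+array(
+'&garbage; &***; &aaaa; &0000; &####; &;;',
+'&garbage; &***; &aaaa; &0000; &####; &;;',
+),
+);
+}
 }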
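Review bot: The `apos` skip at new lines 20-23 removes an assertion instead of recording the new behaviour: `apos` is in `$allowedentitynames`, and the skip implies `_wp_specialchars()` no longer returns that entity unchanged after this changeset. Assert the result the function now produces for it rather than `continue`, and replace "for some reason" with the cause, presumably that PHP's default entity table has no `apos`, e.g. `// PHP's default (HTML 4.01) entity table has no apos, so it is re-encoded.` The esc_attr and esc_js tests in this changeset appear to drop `apos` from their inputs as well. Separately, `test_double_encoding` and `test_no_double_encoding` share the same docblock summary and `return` the assertion, which a test method does not need.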