Changeset 32979 for trunk/src/wp-includes/ID3/getid3.lib.php
- Timestamp:
- 06/28/2015 12:16:17 AM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/ID3/getid3.lib.php
r29734 r32979 520 520 521 521 public static function XML2array($XMLstring) { 522 if ( function_exists( 'simplexml_load_string' ) && function_exists( 'libxml_disable_entity_loader' ) ) { 523 $loader = libxml_disable_entity_loader( true ); 524 $XMLobject = simplexml_load_string( $XMLstring, 'SimpleXMLElement', LIBXML_NOENT ); 525 $return = self::SimpleXMLelement2array( $XMLobject ); 526 libxml_disable_entity_loader( $loader ); 522 if (function_exists('simplexml_load_string') && function_exists('libxml_disable_entity_loader')) { 523 // http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html 524 // https://core.trac.wordpress.org/changeset/29378 525 $loader = libxml_disable_entity_loader(true); 526 $XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', LIBXML_NOENT); 527 $return = self::SimpleXMLelement2array($XMLobject); 528 libxml_disable_entity_loader($loader); 527 529 return $return; 528 530 } … … 1164 1166 fclose($tmp); 1165 1167 $GetDataImageSize = @getimagesize($tempfilename, $imageinfo); 1168 $GetDataImageSize['height'] = $GetDataImageSize[0]; 1169 $GetDataImageSize['width'] = $GetDataImageSize[1]; 1166 1170 } 1167 1171 unlink($tempfilename);
Note: See TracChangeset
for help on using the changeset viewer.