Make WordPress Core


Ignore:
Timestamp:
06/15/2007 05:22:38 PM (18 years ago)
Author:
ryan
Message:

Use CDATA escaping on fields. Props tellyworth. fixes #4452

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/import/wordpress.php

    r5700 r5711  
    3838        global $wpdb;
    3939        preg_match("|<$tag.*?>(.*?)</$tag>|is", $string, $return);
    40         $return = $wpdb->escape( trim( $return[1] ) );
     40        $return = preg_replace('|<!\[CDATA\[(.*)\]\]>|', '$1', $return[1]);
     41        $return = $wpdb->escape( trim( $return ) );
    4142        return $return;
    4243    }
     
    216217
    217218        while ( $c = array_shift($this->categories) ) {
    218             $cat_name = trim(str_replace(array ('<![CDATA[', ']]>'), '', $this->get_tag( $c, 'wp:cat_name' )));
     219            $cat_name = trim($this->get_tag( $c, 'wp:cat_name' ));
    219220
    220221            // If the category exists we leave it alone
     
    275276
    276277        $post_content = $this->get_tag( $post, 'content:encoded' );
    277         $post_content = str_replace(array ('<![CDATA[', ']]>'), '', $post_content);
    278278        $post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
    279279        $post_content = str_replace('<br>', '<br />', $post_content);
Note: See TracChangeset for help on using the changeset viewer.