Changeset 8387
- Timestamp:
- 07/21/2008 05:11:00 AM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/kses.php
r8386 r8387 851 851 $string2 = preg_split('/:|:|:/i', $string, 2); 852 852 if ( isset($string2[1]) && !preg_match('%/\?%', $string2[0]) ) 853 $string = wp_kses_bad_protocol_once2($string2[0] , $allowed_protocols) . trim($string2[1]);853 $string = wp_kses_bad_protocol_once2($string2[0]) . trim($string2[1]); 854 854 else 855 $string = preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/', create_function('$matches', 'global $_kses_allowed_protocols; return wp_kses_bad_protocol_once2($matches[1], $_kses_allowed_protocols);'), $string);855 $string = preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/', 'wp_kses_bad_protocol_once2', $string); 856 856 857 857 return $string; … … 866 866 * @since 1.0.0 867 867 * 868 * @param string $string Content to check for bad protocols 869 * @param array $allowed_protocols Allowed protocols 868 * @param mixed $matches string or preg_replace_callback() matches array to check for bad protocols 870 869 * @return string Sanitized content 871 870 */ 872 function wp_kses_bad_protocol_once2($string, $allowed_protocols) { 871 function wp_kses_bad_protocol_once2($matches) { 872 global $_kses_allowed_protocols; 873 874 if ( is_array($matches) ) { 875 if ( ! isset($matches[1]) || empty($matches[1]) ) 876 return ''; 877 878 $string = $matches[1]; 879 } else { 880 $string = $matches; 881 } 882 873 883 $string2 = wp_kses_decode_entities($string); 874 884 $string2 = preg_replace('/\s/', '', $string2); … … 879 889 880 890 $allowed = false; 881 foreach ( $allowed_protocols as $one_protocol)891 foreach ( (array) $_kses_allowed_protocols as $one_protocol) 882 892 if (strtolower($one_protocol) == $string2) { 883 893 $allowed = true; … … 911 921 912 922 $string = preg_replace('/&([A-Za-z][A-Za-z0-9]{0,19});/', '&\\1;', $string); 913 $string = preg_replace_callback('/&#0*([0-9]{1,5});/', create_function('$matches', 'return wp_kses_normalize_entities2($matches[1]);'), $string);914 $string = preg_replace_callback('/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', create_function('$matches', 'return wp_kses_normalize_entities3($matches[2]);'), $string);923 $string = preg_replace_callback('/&#0*([0-9]{1,5});/', 'wp_kses_normalize_entities2', $string); 924 $string = preg_replace_callback('/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', 'wp_kses_normalize_entities3', $string); 915 925 916 926 return $string; … … 925 935 * @since 1.0.0 926 936 * 927 * @param int $i Number encoded entity937 * @param array $matches preg_replace_callback() matches array 928 938 * @return string Correctly encoded entity 929 939 */ 930 function wp_kses_normalize_entities2($i) { 931 return ( (!valid_unicode($i)) || ($i > 65535) ? "&#$i;" : "&#$i;"); 940 function wp_kses_normalize_entities2($matches) { 941 if ( ! isset($matches[1]) || empty($matches[1]) ) 942 return ''; 943 944 $i = $matches[1]; 945 return ( ( ! valid_unicode($i) ) || ($i > 65535) ? "&#$i;" : "&#$i;" ); 932 946 } 933 947 … … 938 952 * in hex form. 939 953 * 940 * @param string $h Hex string of encoded entity954 * @param array $matches preg_replace_callback() matches array 941 955 * @return string Correctly encoded entity 942 956 */ 943 function wp_kses_normalize_entities3($hexchars) { 944 return ( (!valid_unicode(hexdec($hexchars))) ? "&#x$hexchars;" : "&#x$hexchars;"); 957 function wp_kses_normalize_entities3($matches) { 958 if ( ! isset($matches[2]) || empty($matches[2]) ) 959 return ''; 960 961 $hexchars = $matches[2]; 962 return ( ( ! valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : "&#x$hexchars;" ); 945 963 } 946 964
Note: See TracChangeset
for help on using the changeset viewer.