WordPress.org

Make WordPress Core

Opened 9 years ago

Closed 6 years ago

Last modified 4 years ago

#1376 closed defect (bug) (worksforme)

Comment HTML cleaner mangles PHP open tag

Reported by: anonymousbugger Owned by: westi
Milestone: Priority: normal
Severity: trivial Version: 1.5
Component: General Keywords:
Focuses: Cc:

Description

When posting a comment like:

<code> <?php echo 'Hello.'; ?> </code>

It gets saved in the database as:

<code> < ?php echo 'Hello.'; ?> </code>

Notice the space between < and ?php.

This doesn't happen with posts, only comments.

Change History (12)

comment:1 anonymousbugger9 years ago

  • Patch set to No

comment:2 anonymousbugger9 years ago

<code><?php echo 'Hello.'; ?></code>

becomes:

<code><? php echo 'Hello.'; ?></code>

comment:3 anonymousbugger9 years ago

This also happens when using the <pre> tag in a comment:

<pre><?php echo 'Hello.'; ?></pre>

becomes:

<pre><? php echo 'Hello.'; ?></pre>

comment:4 anonymousbugger9 years ago

Gah...

It happens with the [pre] tag as well.

comment:5 Nazgul8 years ago

  • Keywords needs-patch added
  • Milestone set to 2.1

comment:6 matt7 years ago

  • Milestone changed from 2.1 to 2.2

comment:7 rob1n7 years ago

  • Resolution set to wontfix
  • Status changed from new to closed

I don't see the issue... PHP code won't be executed in comments, unless you have a death wish, and it doesn't automatically escape <'s and >'s in the comments.

comment:8 rob1n7 years ago

  • Keywords needs-patch removed
  • Milestone 2.2 deleted

comment:9 everah6 years ago

  • Resolution wontfix deleted
  • Status changed from closed to reopened
  • Version changed from 1.5.1 to 1.5

I know this is an old bug, but this is still happening not only in comments but in regular posts/pages as well, even through 2.6. This is not an issue of executing PHP, it is an issue of being able to post code that others can copy and paste for use in their own applications.

I have posted this issue to the forums before:

http://wordpress.org/support/topic/128209

http://wordpress.org/support/topic/128236

And while I can always go and edit the post functions that handle the tag balancing, every time I update my installation of Wordpress my changes get wiped out. Is there a way that the core of Wordpress can be updated so that posting <?php tags does not create the space between the opening tag bracket and the question mark? This should be applied to PHP tags, Doctype declarations and XML opening tags since they do not have balance matched tags.

And for the record, Wordpress also mangles doctype declarations in posts as well (<!DOCTYPE).

An example for you to view can be found here:

http://www.robert-gonzalez.com/2008/06/17/fun-with-php-and-simple-xml-amber-alerts/

comment:10 westi6 years ago

  • Milestone set to 2.7
  • Owner changed from anonymous to westi
  • Status changed from reopened to new

comment:11 santosj6 years ago

  • Resolution set to worksforme
  • Status changed from new to closed

All PHP code within the comments are stripped out solving the issue. A plugin should be used to save the code and probably display in a better format.

Creating a post with the code works.

comment:12 santosj6 years ago

  • Milestone 2.7 deleted
Note: See TracTickets for help on using tickets.