Make WordPress Core

Opened 11 years ago

Closed 7 years ago

Last modified 6 years ago

#1376 closed defect (bug) (worksforme)

Comment HTML cleaner mangles PHP open tag

Reported by: anonymousbugger Owned by: westi
Milestone: Priority: normal
Severity: trivial Version: 1.5
Component: General Keywords:
Focuses: Cc:


When posting a comment like:

<code> <?php echo 'Hello.'; ?> </code>

It gets saved in the database as:

<code> < ?php echo 'Hello.'; ?> </code>

Notice the space between < and ?php.

This doesn't happen with posts, only comments.

Change History (12)

#1 @anonymousbugger
11 years ago

  • Patch set to No

#2 @anonymousbugger
11 years ago

<code><?php echo 'Hello.'; ?></code>


<code><? php echo 'Hello.'; ?></code>

#3 @anonymousbugger
11 years ago

This also happens when using the <pre> tag in a comment:

<pre><?php echo 'Hello.'; ?></pre>


<pre><? php echo 'Hello.'; ?></pre>

#4 @anonymousbugger
11 years ago


It happens with the [pre] tag as well.

#5 @Nazgul
9 years ago

  • Keywords needs-patch added
  • Milestone set to 2.1

#6 @matt
9 years ago

  • Milestone changed from 2.1 to 2.2

#7 @rob1n
9 years ago

  • Resolution set to wontfix
  • Status changed from new to closed

I don't see the issue... PHP code won't be executed in comments, unless you have a death wish, and it doesn't automatically escape <'s and >'s in the comments.

#8 @rob1n
9 years ago

  • Keywords needs-patch removed
  • Milestone 2.2 deleted

#9 @everah
7 years ago

  • Resolution wontfix deleted
  • Status changed from closed to reopened
  • Version changed from 1.5.1 to 1.5

I know this is an old bug, but this is still happening not only in comments but in regular posts/pages as well, even through 2.6. This is not an issue of executing PHP, it is an issue of being able to post code that others can copy and paste for use in their own applications.

I have posted this issue to the forums before:



And while I can always go and edit the post functions that handle the tag balancing, every time I update my installation of Wordpress my changes get wiped out. Is there a way that the core of Wordpress can be updated so that posting <?php tags does not create the space between the opening tag bracket and the question mark? This should be applied to PHP tags, Doctype declarations and XML opening tags since they do not have balance matched tags.

And for the record, Wordpress also mangles doctype declarations in posts as well (<!DOCTYPE).

An example for you to view can be found here:


#10 @westi
7 years ago

  • Milestone set to 2.7
  • Owner changed from anonymous to westi
  • Status changed from reopened to new

#11 @santosj
7 years ago

  • Resolution set to worksforme
  • Status changed from new to closed

All PHP code within the comments are stripped out solving the issue. A plugin should be used to save the code and probably display in a better format.

Creating a post with the code works.

#12 @santosj
7 years ago

  • Milestone 2.7 deleted
Note: See TracTickets for help on using tickets.