WordPress.org

Make WordPress Core

Opened 10 years ago

Closed 7 years ago

Last modified 6 years ago

#1376 closed defect (bug) (worksforme)

Comment HTML cleaner mangles PHP open tag

Reported by: anonymousbugger Owned by: westi
Milestone: Priority: normal
Severity: trivial Version: 1.5
Component: General Keywords:
Focuses: Cc:

Description

When posting a comment like:

<code> <?php echo 'Hello.'; ?> </code>

It gets saved in the database as:

<code> < ?php echo 'Hello.'; ?> </code>

Notice the space between < and ?php.

This doesn't happen with posts, only comments.

Change History (12)

comment:1 @anonymousbugger10 years ago

  • Patch set to No

comment:2 @anonymousbugger10 years ago

<code><?php echo 'Hello.'; ?></code>

becomes:

<code><? php echo 'Hello.'; ?></code>

comment:3 @anonymousbugger10 years ago

This also happens when using the <pre> tag in a comment:

<pre><?php echo 'Hello.'; ?></pre>

becomes:

<pre><? php echo 'Hello.'; ?></pre>

comment:4 @anonymousbugger10 years ago

Gah...

It happens with the [pre] tag as well.

comment:5 @Nazgul9 years ago

  • Keywords needs-patch added
  • Milestone set to 2.1

comment:6 @matt9 years ago

  • Milestone changed from 2.1 to 2.2

comment:7 @rob1n9 years ago

  • Resolution set to wontfix
  • Status changed from new to closed

I don't see the issue... PHP code won't be executed in comments, unless you have a death wish, and it doesn't automatically escape <'s and >'s in the comments.

comment:8 @rob1n9 years ago

  • Keywords needs-patch removed
  • Milestone 2.2 deleted

comment:9 @everah7 years ago

  • Resolution wontfix deleted
  • Status changed from closed to reopened
  • Version changed from 1.5.1 to 1.5

I know this is an old bug, but this is still happening not only in comments but in regular posts/pages as well, even through 2.6. This is not an issue of executing PHP, it is an issue of being able to post code that others can copy and paste for use in their own applications.

I have posted this issue to the forums before:

http://wordpress.org/support/topic/128209

http://wordpress.org/support/topic/128236

And while I can always go and edit the post functions that handle the tag balancing, every time I update my installation of Wordpress my changes get wiped out. Is there a way that the core of Wordpress can be updated so that posting <?php tags does not create the space between the opening tag bracket and the question mark? This should be applied to PHP tags, Doctype declarations and XML opening tags since they do not have balance matched tags.

And for the record, Wordpress also mangles doctype declarations in posts as well (<!DOCTYPE).

An example for you to view can be found here:

http://www.robert-gonzalez.com/2008/06/17/fun-with-php-and-simple-xml-amber-alerts/

comment:10 @westi7 years ago

  • Milestone set to 2.7
  • Owner changed from anonymous to westi
  • Status changed from reopened to new

comment:11 @santosj7 years ago

  • Resolution set to worksforme
  • Status changed from new to closed

All PHP code within the comments are stripped out solving the issue. A plugin should be used to save the code and probably display in a better format.

Creating a post with the code works.

comment:12 @santosj7 years ago

  • Milestone 2.7 deleted
Note: See TracTickets for help on using tickets.