Changeset 6162
- Timestamp:
- 12/12/2016 02:06:38 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/0.9/bb-includes/kses.php
r516 r6162 46 46 ############################################################################### 47 47 { 48 return preg_replace('%(<'. # EITHER: < 48 global $pass_allowed_html, $pass_allowed_protocols; 49 $pass_allowed_html = $allowed_html; 50 $pass_allowed_protocols = $allowed_protocols; 51 return preg_replace_callback('%(<'. # EITHER: < 49 52 '[^>]*'. # things that aren't > 50 53 '(>|$)'. # > or end of string 51 '|>)%e', # OR: just a > 52 "wp_kses_split2('\\1', \$allowed_html, ". 53 '$allowed_protocols)', 54 '|>)%', # OR: just a > 55 '_wp_kses_split_callback', 54 56 $string); 55 57 } # function wp_kses_split 56 58 59 function _wp_kses_split_callback( $match ) 60 { 61 global $pass_allowed_html, $pass_allowed_protocols; 62 return wp_kses_split2( $match[1], $pass_allowed_html, $pass_allowed_protocols ); 63 } 57 64 58 65 function wp_kses_split2($string, $allowed_html, $allowed_protocols) … … 435 442 ############################################################################### 436 443 { 437 return preg_replace('/^((&[^;]*;|[\sA-Za-z0-9])*)'.438 '(:|:|&#[Xx]3[Aa];)\s*/e',439 'wp_kses_bad_protocol_once2("\\1", $allowed_protocols)',440 $string);444 $string2 = preg_split( '/:|�*58;|�*3a;/i', $string, 2 ); 445 if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) 446 $string = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ) . trim( $string2[1] ); 447 return $string; 441 448 } # function wp_kses_bad_protocol_once 442 443 449 444 450 function wp_kses_bad_protocol_once2($string, $allowed_protocols) … … 482 488 $string = preg_replace('/&([A-Za-z][A-Za-z0-9]{0,19});/', 483 489 '&\\1;', $string); 484 $string = preg_replace ('/&#0*([0-9]{1,5});/e',485 ' wp_kses_normalize_entities2("\\1")', $string);490 $string = preg_replace_callback('/&#0*([0-9]{1,5});/', 491 '_wp_kses_normalize_entities_callback', $string); 486 492 $string = preg_replace('/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', 487 493 '&#\\1\\2;', $string); … … 490 496 } # function wp_kses_normalize_entities 491 497 498 function _wp_kses_normalize_entities_callback($match) { 499 return wp_kses_normalize_entities2($match[1]); 500 } 492 501 493 502 function wp_kses_normalize_entities2($i) … … 508 517 ############################################################################### 509 518 { 510 $string = preg_replace ('/&#([0-9]+);/e', 'chr("\\1")', $string);511 $string = preg_replace ('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))',519 $string = preg_replace_callback('/&#([0-9]+);/', '_wp_kses_decode_entities_chr', $string); 520 $string = preg_replace_callback('/&#[Xx]([0-9A-Fa-f]+);/', '_wp_kses_decode_entities_chr_hexdec', 512 521 $string); 513 522 … … 515 524 } # function wp_kses_decode_entities 516 525 526 # Regex callback for wp_kses_decode_entities() 527 function _wp_kses_decode_entities_chr( $match ) { 528 return chr( $match[1] ); 529 } 530 531 ## 532 function _wp_kses_decode_entities_chr_hexdec( $match ) { 533 return chr( hexdec( $match[1] ) ); 534 } 517 535 ?>
Note: See TracChangeset
for help on using the changeset viewer.