*/
function wp_kses_bad_protocol($string, $allowed_protocols) {
$string = wp_kses_no_null($string);
- $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
$string2 = $string.'a';
while ($string != $string2) {
$string2 = wp_kses_decode_entities($string);
$string2 = preg_replace('/\s/', '', $string2);
$string2 = wp_kses_no_null($string2);
- $string2 = preg_replace('/\xad+/', '', $string2);
- # deals with Opera "feature"
$string2 = strtolower($string2);
$allowed = false;
* @return string Content after decoded entities
*/
function wp_kses_decode_entities($string) {
- $string = preg_replace_callback('/&#([0-9]+);/', create_function('$match', 'return chr($match[1]);'), $string);
- $string = preg_replace_callback('/&#[Xx]([0-9A-Fa-f]+);/', create_function('$match', 'return chr(hexdec($match[1]));'), $string);
+ $string = preg_replace_callback('/&#([0-9]+);/', '_wp_kses_decode_entities_chr', $string);
+ $string = preg_replace_callback('/&#[Xx]([0-9A-Fa-f]+);/', '_wp_kses_decode_entities_chr_hexdec', $string);
return $string;
}
+/**
+ * Regex callback for wp_kses_decode_entities()
+ *
+ * @param array $match preg match
+ * @return string
+ */
+function _wp_kses_decode_entities_chr( $match ) {
+ return chr( $match[1] );
+}
+
+/**
+ * Regex callback for wp_kses_decode_entities()
+ *
+ * @param array $match preg match
+ * @return string
+ */
+function _wp_kses_decode_entities_chr_hexdec( $match ) {
+ return chr( hexdec( $match[1] ) );
+}
+
/**
* Sanitize content with allowed HTML Kses rules.
*
* @since 1.0.0
* @uses $allowedtags
*
- * @param string $data Content to filter
+ * @param string $data Content to filter, expected to be escaped with slashes
* @return string Filtered content
*/
function wp_filter_kses($data) {
return addslashes( wp_kses(stripslashes( $data ), $allowedtags) );
}
+/**
+ * Sanitize content with allowed HTML Kses rules.
+ *
+ * @since 2.9.0
+ * @uses $allowedtags
+ *
+ * @param string $data Content to filter, expected to not be escaped
+ * @return string Filtered content
+ */
+function wp_kses_data($data) {
+ global $allowedtags;
+ return wp_kses( $data , $allowedtags );
+}
+
/**
* Sanitize content for allowed HTML tags for post content.
*
* @since 2.0.0
* @uses $allowedposttags
*
- * @param string $data Post content to filter
+ * @param string $data Post content to filter, expected to be escaped with slashes
* @return string Filtered post content with allowed HTML tags and attributes intact.
*/
function wp_filter_post_kses($data) {
return addslashes ( wp_kses(stripslashes( $data ), $allowedposttags) );
}
+/**
+ * Sanitize content for allowed HTML tags for post content.
+ *
+ * Post content refers to the page contents of the 'post' type and not $_POST
+ * data from forms.
+ *
+ * @since 2.9.0
+ * @uses $allowedposttags
+ *
+ * @param string $data Post content to filter
+ * @return string Filtered post content with allowed HTML tags and attributes intact.
+ */
+function wp_kses_post($data) {
+ global $allowedposttags;
+ return wp_kses( $data , $allowedposttags );
+}
+
/**
* Strips all of the HTML in the content.
*
return '';
$css_array = split( ';', trim( $css ) );
- $allowed_attr = apply_filters( 'safe_style_css', array( 'text-align', 'margin', 'color', 'float',
- 'border', 'background', 'background-color', 'border-bottom', 'border-bottom-color',
+ $allowed_attr = apply_filters( 'safe_style_css', array( 'text-align', 'margin', 'color', 'float',
+ 'border', 'background', 'background-color', 'border-bottom', 'border-bottom-color',
'border-bottom-style', 'border-bottom-width', 'border-collapse', 'border-color', 'border-left',
- 'border-left-color', 'border-left-style', 'border-left-width', 'border-right', 'border-right-color',
- 'border-right-style', 'border-right-width', 'border-spacing', 'border-style', 'border-top',
- 'border-top-color', 'border-top-style', 'border-top-width', 'border-width', 'caption-side',
- 'clear', 'cursor', 'direction', 'font', 'font-family', 'font-size', 'font-style',
- 'font-variant', 'font-weight', 'height', 'letter-spacing', 'line-height', 'margin-bottom',
- 'margin-left', 'margin-right', 'margin-top', 'overflow', 'padding', 'padding-bottom',
- 'padding-left', 'padding-right', 'padding-top', 'text-decoration', 'text-indent', 'vertical-align',
+ 'border-left-color', 'border-left-style', 'border-left-width', 'border-right', 'border-right-color',
+ 'border-right-style', 'border-right-width', 'border-spacing', 'border-style', 'border-top',
+ 'border-top-color', 'border-top-style', 'border-top-width', 'border-width', 'caption-side',
+ 'clear', 'cursor', 'direction', 'font', 'font-family', 'font-size', 'font-style',
+ 'font-variant', 'font-weight', 'height', 'letter-spacing', 'line-height', 'margin-bottom',
+ 'margin-left', 'margin-right', 'margin-top', 'overflow', 'padding', 'padding-bottom',
+ 'padding-left', 'padding-right', 'padding-top', 'text-decoration', 'text-indent', 'vertical-align',
'width' ) );
if ( empty($allowed_attr) )
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff