Wordpress 3.5
[autoinstalls/wordpress.git] / wp-includes / class-feed.php
index 067f36c2c65bd295baecb94e5d106adbb9ad8dd1..c442050c12d64c3f1dd21deb829314d824670f79 100644 (file)
@@ -85,10 +85,45 @@ class WP_SimplePie_File extends SimplePie_File {
                                $this->status_code = wp_remote_retrieve_response_code( $res );
                        }
                } else {
-                       if ( ! $this->body = file_get_contents($url) ) {
+                       if ( ! file_exists($url) || ( ! $this->body = file_get_contents($url) ) ) {
                                $this->error = 'file_get_contents could not read the file';
                                $this->success = false;
                        }
                }
        }
 }
+
+/**
+ * WordPress SimplePie Sanitization Class
+ *
+ * Extension of the SimplePie_Sanitize class to use KSES, because
+ * we cannot universally count on DOMDocument being available
+ *
+ * @package WordPress
+ * @since 3.5.0
+ */
+class WP_SimplePie_Sanitize_KSES extends SimplePie_Sanitize {
+       public function sanitize( $data, $type, $base = '' ) {
+               $data = trim( $data );
+               if ( $type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML ) {
+                       if (preg_match('/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data)) {
+                               $type |= SIMPLEPIE_CONSTRUCT_HTML;
+                       }
+                       else {
+                               $type |= SIMPLEPIE_CONSTRUCT_TEXT;
+                       }
+               }
+               if ( $type & SIMPLEPIE_CONSTRUCT_BASE64 ) {
+                       $data = base64_decode( $data );
+               }
+               if ( $type & ( SIMPLEPIE_CONSTRUCT_HTML | SIMPLEPIE_CONSTRUCT_XHTML ) ) {
+                       $data = wp_kses_post( $data );
+                       if ( $this->output_encoding !== 'UTF-8' ) {
+                               $data = $this->registry->call( 'Misc', 'change_encoding', array( $data, 'UTF-8', $this->output_encoding ) );
+                       }
+                       return $data;
+               } else {
+                       return parent::sanitize( $data, $type, $base );
+               }
+       }
+}