]> scripts.mit.edu Git - autoinstalls/wordpress.git/blobdiff - wp-includes/formatting.php
Wordpress 3.1.4
[autoinstalls/wordpress.git] / wp-includes / formatting.php
index be2669c108ee0877f6fe644347c61b4f6a0a8664..92aae26d38f3df5ab5f8d52144abd5f2b6aa207d 100644 (file)
@@ -718,7 +718,7 @@ function sanitize_file_name( $filename ) {
                if ( preg_match("/^[a-zA-Z]{2,5}\d?$/", $part) ) {
                        $allowed = false;
                        foreach ( $mimes as $ext_preg => $mime_match ) {
-                               $ext_preg = '!(^' . $ext_preg . ')$!i';
+                               $ext_preg = '!^(' . $ext_preg . ')$!i';
                                if ( preg_match( $ext_preg, $part ) ) {
                                        $allowed = true;
                                        break;
@@ -1386,7 +1386,11 @@ function _make_email_clickable_cb($matches) {
 function make_clickable($ret) {
        $ret = ' ' . $ret;
        // in testing, using arrays here was found to be faster
-       $ret = preg_replace_callback('#(?<!=[\'"])(?<=[*\')+.,;:!&$\s>])(\()?([\w]+?://(?:[\w\\x80-\\xff\#%~/?@\[\]-]|[\'*(+.,;:!=&$](?![\b\)]|(\))?([\s]|$))|(?(1)\)(?![\s<.,;:]|$)|\)))+)#is', '_make_url_clickable_cb', $ret);
+       $save = @ini_set('pcre.recursion_limit', 10000);
+       $retval = preg_replace_callback('#(?<!=[\'"])(?<=[*\')+.,;:!&$\s>])(\()?([\w]+?://(?:[\w\\x80-\\xff\#%~/?@\[\]-]{1,2000}|[\'*(+.,;:!=&$](?![\b\)]|(\))?([\s]|$))|(?(1)\)(?![\s<.,;:]|$)|\)))+)#is', '_make_url_clickable_cb', $ret);
+       if (null !== $retval )
+               $ret = $retval;
+       @ini_set('pcre.recursion_limit', $save);
        $ret = preg_replace_callback('#([\s>])((www|ftp)\.[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]+)#is', '_make_web_ftp_clickable_cb', $ret);
        $ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret);
        // this one is not in an array because we need it to run last, for cleanup of accidental links within links
@@ -2436,7 +2440,14 @@ function sanitize_option($option, $value) {
                                        add_settings_error('admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
                        }
                        break;
-
+               case 'new_admin_email':
+                       $value = sanitize_email($value);
+                       if ( !is_email($value) ) {
+                               $value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
+                               if ( function_exists('add_settings_error') )
+                                       add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
+                       }
+                       break;
                case 'thumbnail_size_w':
                case 'thumbnail_size_h':
                case 'medium_size_w':
@@ -2530,6 +2541,11 @@ function sanitize_option($option, $value) {
                                        add_settings_error('home', 'invalid_home', __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.'));
                        }
                        break;
+               case 'WPLANG':
+                       $allowed = get_available_languages();
+                       if ( ! in_array( $value, $allowed ) && ! empty( $value ) )
+                               $value = get_option( $option );
+                       break;
 
                default :
                        $value = apply_filters("sanitize_option_{$option}", $value, $option);
@@ -2899,4 +2915,17 @@ function capital_P_dangit( $text ) {
 
 }
 
+/**
+ * Sanitize a mime type
+ *
+ * @since 3.1.3
+ *
+ * @param string $mime_type Mime type
+ * @return string Sanitized mime type
+ */
+function sanitize_mime_type( $mime_type ) {
+       $sani_mime_type = preg_replace( '/[^-+*.a-zA-Z0-9\/]/', '', $mime_type );
+       return apply_filters( 'sanitize_mime_type', $sani_mime_type, $mime_type );
+}
+
 ?>