X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/38ca813a0e312e2768e5b9519f0415cd0aa84781..6c8f14c09105d0afa4c1574215c59b5021040e76:/wp-includes/class-feed.php
diff --git a/wp-includes/class-feed.php b/wp-includes/class-feed.php
index 067f36c2..c442050c 100644
--- a/wp-includes/class-feed.php
+++ b/wp-includes/class-feed.php
@@ -85,10 +85,45 @@ class WP_SimplePie_File extends SimplePie_File {
 $this->status_code = wp_remote_retrieve_response_code( $res );
 }
 } else {
- if ( ! $this->body = file_get_contents($url) ) {
+ if ( ! file_exists($url) || ( ! $this->body = file_get_contents($url) ) ) {
 $this->error = 'file_get_contents could not read the file';
 $this->success = false;
 }
 }
 }
 }
+
+/**
+ * WordPress SimplePie Sanitization Class
+ *
+ * Extension of the SimplePie_Sanitize class to use KSES, because
+ * we cannot universally count on DOMDocument being available
+ *
+ * @package WordPress
+ * @since 3.5.0
+ */
+class WP_SimplePie_Sanitize_KSES extends SimplePie_Sanitize {
+ public function sanitize( $data, $type, $base = '' ) {
+ $data = trim( $data );
+ if ( $type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML ) {
+ if (preg_match('/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data)) {
+ $type |= SIMPLEPIE_CONSTRUCT_HTML;
+ }
+ else {
+ $type |= SIMPLEPIE_CONSTRUCT_TEXT;
+ }
+ }
+ if ( $type & SIMPLEPIE_CONSTRUCT_BASE64 ) {
+ $data = base64_decode( $data );
+ }
+ if ( $type & ( SIMPLEPIE_CONSTRUCT_HTML | SIMPLEPIE_CONSTRUCT_XHTML ) ) {
+ $data = wp_kses_post( $data );
+ if ( $this->output_encoding !== 'UTF-8' ) {
+ $data = $this->registry->call( 'Misc', 'change_encoding', array( $data, 'UTF-8', $this->output_encoding ) );
+ }
+ return $data;
+ } else {
+ return parent::sanitize( $data, $type, $base );
+ }
+ }
+}
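Review bot: In `WP_SimplePie_Sanitize_KSES::sanitize()` the HTML/XHTML branch returns straight after `wp_kses_post()` and never uses `$base`, so whatever the parent would have applied to HTML constructs is skipped for untrusted feed markup. The parent class is not visible in this hunk, but that presumably includes relative-URL resolution against `$base` and its own tag and attribute stripping settings. If `wp_kses_post()` is meant to be the only filter on this path, state that on the branch, for example `// HTML is filtered by wp_kses_post() only; $base and the parent's HTML handling are not applied here.`, so that later callers do not assume stripping options configured on the sanitizer still take effect. The method would also benefit from a docblock saying that `$type` is a bitmask of `SIMPLEPIE_CONSTRUCT_*` flags and that the return value is either KSES-filtered markup or the parent's result. The `file_exists()` change earlier in the hunk sits in a method whose start is outside the hunk and is not covered by this note.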