.
$pee = preg_replace('|]*)>|i', "", $pee);
$pee = str_replace('
', '
', $pee);
+
+ // If an opening or closing block element tag is preceded by an opening tag, remove it.
$pee = preg_replace('!
\s*(?' . $allblocks . '[^>]*>)!', "$1", $pee);
+
+ // If an opening or closing block element tag is followed by a closing
tag, remove it.
$pee = preg_replace('!(?' . $allblocks . '[^>]*>)\s*
!', "$1", $pee);
- if ($br) {
- $pee = preg_replace_callback('/<(script|style).*?<\/\\1>/s', create_function('$matches', 'return str_replace("\n", "", $matches[0]);'), $pee);
- $pee = preg_replace('|(?)\s*\n|', "
\n", $pee); // optionally make line breaks
+
+ // Optionally insert line breaks.
+ if ( $br ) {
+ // Replace newlines that shouldn't be touched with a placeholder.
+ $pee = preg_replace_callback('/<(script|style).*?<\/\\1>/s', '_autop_newline_preservation_helper', $pee);
+
+ // Replace any new line characters that aren't preceded by a
with a
.
+ $pee = preg_replace('|(?)\s*\n|', "
\n", $pee);
+
+ // Replace newline placeholders with newlines.
$pee = str_replace('', "\n", $pee);
}
+
+ // If a
tag is after an opening or closing block tag, remove it.
$pee = preg_replace('!(?' . $allblocks . '[^>]*>)\s*
!', "$1", $pee);
+
+ // If a
tag is before a subset of opening or closing block tags, remove it.
$pee = preg_replace('!
(\s*?(?:p|li|div|dl|dd|dt|th|pre|td|ul|ol)[^>]*>)!', '$1', $pee);
- if (strpos($pee, ']*>)(.*?)
!is', 'clean_pre', $pee );
$pee = preg_replace( "|\n$|", '', $pee );
- $pee = preg_replace('/\s*?(' . get_shortcode_regex() . ')\s*<\/p>/s', '$1', $pee); // don't auto-p wrap shortcodes that stand alone
+
+ // Replace placeholder
tags with their original content.
+ if ( !empty($pre_tags) )
+ $pee = str_replace(array_keys($pre_tags), array_values($pre_tags), $pee);
+
+ // Restore newlines in all elements.
+ $pee = str_replace( " ", "\n", $pee );
return $pee;
}
+/**
+ * Separate HTML elements and comments from the text.
+ *
+ * @since 4.2.4
+ *
+ * @param string $input The text which has to be formatted.
+ * @return array The formatted text.
+ */
+function wp_html_split( $input ) {
+ static $regex;
+
+ if ( ! isset( $regex ) ) {
+ $comments =
+ '!' // Start of comment, after the <.
+ . '(?:' // Unroll the loop: Consume everything until --> is found.
+ . '-(?!->)' // Dash not followed by end of comment.
+ . '[^\-]*+' // Consume non-dashes.
+ . ')*+' // Loop possessively.
+ . '(?:-->)?'; // End of comment. If not found, match all input.
+
+ $cdata =
+ '!\[CDATA\[' // Start of comment, after the <.
+ . '[^\]]*+' // Consume non-].
+ . '(?:' // Unroll the loop: Consume everything until ]]> is found.
+ . '](?!]>)' // One ] not followed by end of comment.
+ . '[^\]]*+' // Consume non-].
+ . ')*+' // Loop possessively.
+ . '(?:]]>)?'; // End of comment. If not found, match all input.
+
+ $regex =
+ '/(' // Capture the entire match.
+ . '<' // Find start of element.
+ . '(?(?=!--)' // Is this a comment?
+ . $comments // Find end of comment.
+ . '|'
+ . '(?(?=!\[CDATA\[)' // Is this a comment?
+ . $cdata // Find end of comment.
+ . '|'
+ . '[^>]*>?' // Find end of element. If not found, match all input.
+ . ')'
+ . ')'
+ . ')/s';
+ }
+
+ return preg_split( $regex, $input, -1, PREG_SPLIT_DELIM_CAPTURE );
+}
+
+/**
+ * Replace characters or phrases within HTML elements only.
+ *
+ * @since 4.2.3
+ *
+ * @param string $haystack The text which has to be formatted.
+ * @param array $replace_pairs In the form array('from' => 'to', ...).
+ * @return string The formatted text.
+ */
+function wp_replace_in_html_tags( $haystack, $replace_pairs ) {
+ // Find all elements.
+ $textarr = wp_html_split( $haystack );
+ $changed = false;
+
+ // Optimize when searching for one item.
+ if ( 1 === count( $replace_pairs ) ) {
+ // Extract $needle and $replace.
+ foreach ( $replace_pairs as $needle => $replace );
+
+ // Loop through delimeters (elements) only.
+ for ( $i = 1, $c = count( $textarr ); $i < $c; $i += 2 ) {
+ if ( false !== strpos( $textarr[$i], $needle ) ) {
+ $textarr[$i] = str_replace( $needle, $replace, $textarr[$i] );
+ $changed = true;
+ }
+ }
+ } else {
+ // Extract all $needles.
+ $needles = array_keys( $replace_pairs );
+
+ // Loop through delimeters (elements) only.
+ for ( $i = 1, $c = count( $textarr ); $i < $c; $i += 2 ) {
+ foreach ( $needles as $needle ) {
+ if ( false !== strpos( $textarr[$i], $needle ) ) {
+ $textarr[$i] = strtr( $textarr[$i], $replace_pairs );
+ $changed = true;
+ // After one strtr() break out of the foreach loop and look at next element.
+ break;
+ }
+ }
+ }
+ }
+
+ if ( $changed ) {
+ $haystack = implode( $textarr );
+ }
+
+ return $haystack;
+}
+
+/**
+ * Newline preservation help function for wpautop
+ *
+ * @since 3.1.0
+ * @access private
+ *
+ * @param array $matches preg_replace_callback matches array
+ * @return string
+ */
+function _autop_newline_preservation_helper( $matches ) {
+ return str_replace("\n", "", $matches[0]);
+}
+
+/**
+ * Don't auto-p wrap shortcodes that stand alone
+ *
+ * Ensures that shortcodes are not wrapped in `...
`.
+ *
+ * @since 2.9.0
+ *
+ * @param string $pee The content.
+ * @return string The filtered content.
+ */
+function shortcode_unautop( $pee ) {
+ global $shortcode_tags;
+
+ if ( empty( $shortcode_tags ) || !is_array( $shortcode_tags ) ) {
+ return $pee;
+ }
+
+ $tagregexp = join( '|', array_map( 'preg_quote', array_keys( $shortcode_tags ) ) );
+ $spaces = wp_spaces_regexp();
+
+ $pattern =
+ '/'
+ . '' // Opening paragraph
+ . '(?:' . $spaces . ')*+' // Optional leading whitespace
+ . '(' // 1: The shortcode
+ . '\\[' // Opening bracket
+ . "($tagregexp)" // 2: Shortcode name
+ . '(?![\\w-])' // Not followed by word character or hyphen
+ // Unroll the loop: Inside the opening shortcode tag
+ . '[^\\]\\/]*' // Not a closing bracket or forward slash
+ . '(?:'
+ . '\\/(?!\\])' // A forward slash not followed by a closing bracket
+ . '[^\\]\\/]*' // Not a closing bracket or forward slash
+ . ')*?'
+ . '(?:'
+ . '\\/\\]' // Self closing tag and closing bracket
+ . '|'
+ . '\\]' // Closing bracket
+ . '(?:' // Unroll the loop: Optionally, anything between the opening and closing shortcode tags
+ . '[^\\[]*+' // Not an opening bracket
+ . '(?:'
+ . '\\[(?!\\/\\2\\])' // An opening bracket not followed by the closing shortcode tag
+ . '[^\\[]*+' // Not an opening bracket
+ . ')*+'
+ . '\\[\\/\\2\\]' // Closing shortcode tag
+ . ')?'
+ . ')'
+ . ')'
+ . '(?:' . $spaces . ')*+' // optional trailing whitespace
+ . '<\\/p>' // closing paragraph
+ . '/s';
+
+ return preg_replace( $pattern, '$1', $pee );
+}
+
/**
* Checks to see if a string is utf8 encoded.
*
@@ -188,17 +693,19 @@ function wpautop($pee, $br = 1) {
* @return bool True if $str fits a UTF-8 model, false otherwise.
*/
function seems_utf8($str) {
+ mbstring_binary_safe_encoding();
$length = strlen($str);
+ reset_mbstring_encoding();
for ($i=0; $i < $length; $i++) {
$c = ord($str[$i]);
- if ($c < 0x80) $n = 0; # 0bbbbbbb
- elseif (($c & 0xE0) == 0xC0) $n=1; # 110bbbbb
- elseif (($c & 0xF0) == 0xE0) $n=2; # 1110bbbb
- elseif (($c & 0xF8) == 0xF0) $n=3; # 11110bbb
- elseif (($c & 0xFC) == 0xF8) $n=4; # 111110bb
- elseif (($c & 0xFE) == 0xFC) $n=5; # 1111110b
- else return false; # Does not match any model
- for ($j=0; $j<$n; $j++) { # n bytes matching 10bbbbbb follow ?
+ if ($c < 0x80) $n = 0; // 0bbbbbbb
+ elseif (($c & 0xE0) == 0xC0) $n=1; // 110bbbbb
+ elseif (($c & 0xF0) == 0xE0) $n=2; // 1110bbbb
+ elseif (($c & 0xF8) == 0xF0) $n=3; // 11110bbb
+ elseif (($c & 0xFC) == 0xF8) $n=4; // 111110bb
+ elseif (($c & 0xFE) == 0xFC) $n=5; // 1111110b
+ else return false; // Does not match any model
+ for ($j=0; $j<$n; $j++) { // n bytes matching 10bbbbbb follow ?
if ((++$i == $length) || ((ord($str[$i]) & 0xC0) != 0x80))
return false;
}
@@ -215,44 +722,42 @@ function seems_utf8($str) {
* ", or ENT_QUOTES to do both. Default is ENT_NOQUOTES where no quotes are encoded.
*
* @since 1.2.2
+ * @access private
*
* @param string $string The text which is to be encoded.
- * @param mixed $quote_style Optional. Converts double quotes if set to ENT_COMPAT, both single and double if set to ENT_QUOTES or none if set to ENT_NOQUOTES. Also compatible with old values; converting single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default is ENT_NOQUOTES.
+ * @param int $quote_style Optional. Converts double quotes if set to ENT_COMPAT, both single and double if set to ENT_QUOTES or none if set to ENT_NOQUOTES. Also compatible with old values; converting single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default is ENT_NOQUOTES.
* @param string $charset Optional. The character encoding of the string. Default is false.
- * @param boolean $double_encode Optional. Whether or not to encode existing html entities. Default is false.
+ * @param boolean $double_encode Optional. Whether to encode existing html entities. Default is false.
* @return string The encoded text with HTML entities.
*/
function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {
$string = (string) $string;
- if ( 0 === strlen( $string ) ) {
+ if ( 0 === strlen( $string ) )
return '';
- }
// Don't bother if there are no specialchars - saves some processing
- if ( !preg_match( '/[&<>"\']/', $string ) ) {
+ if ( ! preg_match( '/[&<>"\']/', $string ) )
return $string;
- }
// Account for the previous behaviour of the function when the $quote_style is not an accepted value
- if ( empty( $quote_style ) ) {
+ if ( empty( $quote_style ) )
$quote_style = ENT_NOQUOTES;
- } elseif ( !in_array( $quote_style, array( 0, 2, 3, 'single', 'double' ), true ) ) {
+ elseif ( ! in_array( $quote_style, array( 0, 2, 3, 'single', 'double' ), true ) )
$quote_style = ENT_QUOTES;
- }
// Store the site charset as a static to avoid multiple calls to wp_load_alloptions()
- if ( !$charset ) {
+ if ( ! $charset ) {
static $_charset;
- if ( !isset( $_charset ) ) {
+ if ( ! isset( $_charset ) ) {
$alloptions = wp_load_alloptions();
$_charset = isset( $alloptions['blog_charset'] ) ? $alloptions['blog_charset'] : '';
}
$charset = $_charset;
}
- if ( in_array( $charset, array( 'utf8', 'utf-8', 'UTF8' ) ) ) {
+
+ if ( in_array( $charset, array( 'utf8', 'utf-8', 'UTF8' ) ) )
$charset = 'UTF-8';
- }
$_quote_style = $quote_style;
@@ -264,22 +769,27 @@ function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = fals
}
// Handle double encoding ourselves
- if ( !$double_encode ) {
+ if ( $double_encode ) {
+ $string = @htmlspecialchars( $string, $quote_style, $charset );
+ } else {
+ // Decode & into &
$string = wp_specialchars_decode( $string, $_quote_style );
- $string = preg_replace( '/&(#?x?[0-9a-z]+);/i', '|wp_entity|$1|/wp_entity|', $string );
- }
- $string = @htmlspecialchars( $string, $quote_style, $charset );
+ // Guarantee every &entity; is valid or re-encode the &
+ $string = wp_kses_normalize_entities( $string );
- // Handle double encoding ourselves
- if ( !$double_encode ) {
- $string = str_replace( array( '|wp_entity|', '|/wp_entity|' ), array( '&', ';' ), $string );
+ // Now re-encode everything except &entity;
+ $string = preg_split( '/(?x?[0-9a-z]+;)/i', $string, -1, PREG_SPLIT_DELIM_CAPTURE );
+
+ for ( $i = 0, $c = count( $string ); $i < $c; $i += 2 ) {
+ $string[$i] = @htmlspecialchars( $string[$i], $quote_style, $charset );
+ }
+ $string = implode( '', $string );
}
// Backwards compatibility
- if ( 'single' === $_quote_style ) {
+ if ( 'single' === $_quote_style )
$string = str_replace( "'", ''', $string );
- }
return $string;
}
@@ -292,7 +802,7 @@ function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = fals
* $quote_style can be set to ENT_COMPAT to decode " entities,
* or ENT_QUOTES to do both " and '. Default is ENT_NOQUOTES where no quotes are decoded.
*
- * @since 2.8
+ * @since 2.8.0
*
* @param string $string The text which is to be decoded.
* @param mixed $quote_style Optional. Converts double quotes if set to ENT_COMPAT, both single and double if set to ENT_QUOTES or none if set to ENT_NOQUOTES. Also compatible with old _wp_specialchars() values; converting single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default is ENT_NOQUOTES.
@@ -349,7 +859,7 @@ function wp_specialchars_decode( $string, $quote_style = ENT_NOQUOTES ) {
/**
* Checks for invalid UTF8 in a string.
*
- * @since 2.8
+ * @since 2.8.0
*
* @param string $string The text which is to be checked.
* @param boolean $strip Optional. Whether to attempt to strip out invalid UTF8. Default is false.
@@ -409,7 +919,10 @@ function utf8_uri_encode( $utf8_string, $length = 0 ) {
$num_octets = 1;
$unicode_length = 0;
+ mbstring_binary_safe_encoding();
$string_length = strlen( $utf8_string );
+ reset_mbstring_encoding();
+
for ($i = 0; $i < $string_length; $i++ ) {
$value = ord( $utf8_string[ $i ] );
@@ -420,21 +933,27 @@ function utf8_uri_encode( $utf8_string, $length = 0 ) {
$unicode .= chr($value);
$unicode_length++;
} else {
- if ( count( $values ) == 0 ) $num_octets = ( $value < 224 ) ? 2 : 3;
+ if ( count( $values ) == 0 ) {
+ if ( $value < 224 ) {
+ $num_octets = 2;
+ } elseif ( $value < 240 ) {
+ $num_octets = 3;
+ } else {
+ $num_octets = 4;
+ }
+ }
$values[] = $value;
if ( $length && ( $unicode_length + ($num_octets * 3) ) > $length )
break;
if ( count( $values ) == $num_octets ) {
- if ($num_octets == 3) {
- $unicode .= '%' . dechex($values[0]) . '%' . dechex($values[1]) . '%' . dechex($values[2]);
- $unicode_length += 9;
- } else {
- $unicode .= '%' . dechex($values[0]) . '%' . dechex($values[1]);
- $unicode_length += 6;
+ for ( $j = 0; $j < $num_octets; $j++ ) {
+ $unicode .= '%' . dechex( $values[ $j ] );
}
+ $unicode_length += $num_octets * 3;
+
$values = array();
$num_octets = 1;
}
@@ -461,34 +980,38 @@ function remove_accents($string) {
if (seems_utf8($string)) {
$chars = array(
// Decompositions for Latin-1 Supplement
+ chr(194).chr(170) => 'a', chr(194).chr(186) => 'o',
chr(195).chr(128) => 'A', chr(195).chr(129) => 'A',
chr(195).chr(130) => 'A', chr(195).chr(131) => 'A',
chr(195).chr(132) => 'A', chr(195).chr(133) => 'A',
- chr(195).chr(135) => 'C', chr(195).chr(136) => 'E',
- chr(195).chr(137) => 'E', chr(195).chr(138) => 'E',
- chr(195).chr(139) => 'E', chr(195).chr(140) => 'I',
- chr(195).chr(141) => 'I', chr(195).chr(142) => 'I',
- chr(195).chr(143) => 'I', chr(195).chr(145) => 'N',
+ chr(195).chr(134) => 'AE',chr(195).chr(135) => 'C',
+ chr(195).chr(136) => 'E', chr(195).chr(137) => 'E',
+ chr(195).chr(138) => 'E', chr(195).chr(139) => 'E',
+ chr(195).chr(140) => 'I', chr(195).chr(141) => 'I',
+ chr(195).chr(142) => 'I', chr(195).chr(143) => 'I',
+ chr(195).chr(144) => 'D', chr(195).chr(145) => 'N',
chr(195).chr(146) => 'O', chr(195).chr(147) => 'O',
chr(195).chr(148) => 'O', chr(195).chr(149) => 'O',
chr(195).chr(150) => 'O', chr(195).chr(153) => 'U',
chr(195).chr(154) => 'U', chr(195).chr(155) => 'U',
chr(195).chr(156) => 'U', chr(195).chr(157) => 'Y',
- chr(195).chr(159) => 's', chr(195).chr(160) => 'a',
- chr(195).chr(161) => 'a', chr(195).chr(162) => 'a',
- chr(195).chr(163) => 'a', chr(195).chr(164) => 'a',
- chr(195).chr(165) => 'a', chr(195).chr(167) => 'c',
+ chr(195).chr(158) => 'TH',chr(195).chr(159) => 's',
+ chr(195).chr(160) => 'a', chr(195).chr(161) => 'a',
+ chr(195).chr(162) => 'a', chr(195).chr(163) => 'a',
+ chr(195).chr(164) => 'a', chr(195).chr(165) => 'a',
+ chr(195).chr(166) => 'ae',chr(195).chr(167) => 'c',
chr(195).chr(168) => 'e', chr(195).chr(169) => 'e',
chr(195).chr(170) => 'e', chr(195).chr(171) => 'e',
chr(195).chr(172) => 'i', chr(195).chr(173) => 'i',
chr(195).chr(174) => 'i', chr(195).chr(175) => 'i',
- chr(195).chr(177) => 'n', chr(195).chr(178) => 'o',
- chr(195).chr(179) => 'o', chr(195).chr(180) => 'o',
- chr(195).chr(181) => 'o', chr(195).chr(182) => 'o',
- chr(195).chr(182) => 'o', chr(195).chr(185) => 'u',
- chr(195).chr(186) => 'u', chr(195).chr(187) => 'u',
- chr(195).chr(188) => 'u', chr(195).chr(189) => 'y',
- chr(195).chr(191) => 'y',
+ chr(195).chr(176) => 'd', chr(195).chr(177) => 'n',
+ chr(195).chr(178) => 'o', chr(195).chr(179) => 'o',
+ chr(195).chr(180) => 'o', chr(195).chr(181) => 'o',
+ chr(195).chr(182) => 'o', chr(195).chr(184) => 'o',
+ chr(195).chr(185) => 'u', chr(195).chr(186) => 'u',
+ chr(195).chr(187) => 'u', chr(195).chr(188) => 'u',
+ chr(195).chr(189) => 'y', chr(195).chr(190) => 'th',
+ chr(195).chr(191) => 'y', chr(195).chr(152) => 'O',
// Decompositions for Latin Extended-A
chr(196).chr(128) => 'A', chr(196).chr(129) => 'a',
chr(196).chr(130) => 'A', chr(196).chr(131) => 'a',
@@ -554,13 +1077,106 @@ function remove_accents($string) {
chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z',
chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z',
chr(197).chr(190) => 'z', chr(197).chr(191) => 's',
+ // Decompositions for Latin Extended-B
+ chr(200).chr(152) => 'S', chr(200).chr(153) => 's',
+ chr(200).chr(154) => 'T', chr(200).chr(155) => 't',
// Euro Sign
chr(226).chr(130).chr(172) => 'E',
// GBP (Pound) Sign
- chr(194).chr(163) => '');
+ chr(194).chr(163) => '',
+ // Vowels with diacritic (Vietnamese)
+ // unmarked
+ chr(198).chr(160) => 'O', chr(198).chr(161) => 'o',
+ chr(198).chr(175) => 'U', chr(198).chr(176) => 'u',
+ // grave accent
+ chr(225).chr(186).chr(166) => 'A', chr(225).chr(186).chr(167) => 'a',
+ chr(225).chr(186).chr(176) => 'A', chr(225).chr(186).chr(177) => 'a',
+ chr(225).chr(187).chr(128) => 'E', chr(225).chr(187).chr(129) => 'e',
+ chr(225).chr(187).chr(146) => 'O', chr(225).chr(187).chr(147) => 'o',
+ chr(225).chr(187).chr(156) => 'O', chr(225).chr(187).chr(157) => 'o',
+ chr(225).chr(187).chr(170) => 'U', chr(225).chr(187).chr(171) => 'u',
+ chr(225).chr(187).chr(178) => 'Y', chr(225).chr(187).chr(179) => 'y',
+ // hook
+ chr(225).chr(186).chr(162) => 'A', chr(225).chr(186).chr(163) => 'a',
+ chr(225).chr(186).chr(168) => 'A', chr(225).chr(186).chr(169) => 'a',
+ chr(225).chr(186).chr(178) => 'A', chr(225).chr(186).chr(179) => 'a',
+ chr(225).chr(186).chr(186) => 'E', chr(225).chr(186).chr(187) => 'e',
+ chr(225).chr(187).chr(130) => 'E', chr(225).chr(187).chr(131) => 'e',
+ chr(225).chr(187).chr(136) => 'I', chr(225).chr(187).chr(137) => 'i',
+ chr(225).chr(187).chr(142) => 'O', chr(225).chr(187).chr(143) => 'o',
+ chr(225).chr(187).chr(148) => 'O', chr(225).chr(187).chr(149) => 'o',
+ chr(225).chr(187).chr(158) => 'O', chr(225).chr(187).chr(159) => 'o',
+ chr(225).chr(187).chr(166) => 'U', chr(225).chr(187).chr(167) => 'u',
+ chr(225).chr(187).chr(172) => 'U', chr(225).chr(187).chr(173) => 'u',
+ chr(225).chr(187).chr(182) => 'Y', chr(225).chr(187).chr(183) => 'y',
+ // tilde
+ chr(225).chr(186).chr(170) => 'A', chr(225).chr(186).chr(171) => 'a',
+ chr(225).chr(186).chr(180) => 'A', chr(225).chr(186).chr(181) => 'a',
+ chr(225).chr(186).chr(188) => 'E', chr(225).chr(186).chr(189) => 'e',
+ chr(225).chr(187).chr(132) => 'E', chr(225).chr(187).chr(133) => 'e',
+ chr(225).chr(187).chr(150) => 'O', chr(225).chr(187).chr(151) => 'o',
+ chr(225).chr(187).chr(160) => 'O', chr(225).chr(187).chr(161) => 'o',
+ chr(225).chr(187).chr(174) => 'U', chr(225).chr(187).chr(175) => 'u',
+ chr(225).chr(187).chr(184) => 'Y', chr(225).chr(187).chr(185) => 'y',
+ // acute accent
+ chr(225).chr(186).chr(164) => 'A', chr(225).chr(186).chr(165) => 'a',
+ chr(225).chr(186).chr(174) => 'A', chr(225).chr(186).chr(175) => 'a',
+ chr(225).chr(186).chr(190) => 'E', chr(225).chr(186).chr(191) => 'e',
+ chr(225).chr(187).chr(144) => 'O', chr(225).chr(187).chr(145) => 'o',
+ chr(225).chr(187).chr(154) => 'O', chr(225).chr(187).chr(155) => 'o',
+ chr(225).chr(187).chr(168) => 'U', chr(225).chr(187).chr(169) => 'u',
+ // dot below
+ chr(225).chr(186).chr(160) => 'A', chr(225).chr(186).chr(161) => 'a',
+ chr(225).chr(186).chr(172) => 'A', chr(225).chr(186).chr(173) => 'a',
+ chr(225).chr(186).chr(182) => 'A', chr(225).chr(186).chr(183) => 'a',
+ chr(225).chr(186).chr(184) => 'E', chr(225).chr(186).chr(185) => 'e',
+ chr(225).chr(187).chr(134) => 'E', chr(225).chr(187).chr(135) => 'e',
+ chr(225).chr(187).chr(138) => 'I', chr(225).chr(187).chr(139) => 'i',
+ chr(225).chr(187).chr(140) => 'O', chr(225).chr(187).chr(141) => 'o',
+ chr(225).chr(187).chr(152) => 'O', chr(225).chr(187).chr(153) => 'o',
+ chr(225).chr(187).chr(162) => 'O', chr(225).chr(187).chr(163) => 'o',
+ chr(225).chr(187).chr(164) => 'U', chr(225).chr(187).chr(165) => 'u',
+ chr(225).chr(187).chr(176) => 'U', chr(225).chr(187).chr(177) => 'u',
+ chr(225).chr(187).chr(180) => 'Y', chr(225).chr(187).chr(181) => 'y',
+ // Vowels with diacritic (Chinese, Hanyu Pinyin)
+ chr(201).chr(145) => 'a',
+ // macron
+ chr(199).chr(149) => 'U', chr(199).chr(150) => 'u',
+ // acute accent
+ chr(199).chr(151) => 'U', chr(199).chr(152) => 'u',
+ // caron
+ chr(199).chr(141) => 'A', chr(199).chr(142) => 'a',
+ chr(199).chr(143) => 'I', chr(199).chr(144) => 'i',
+ chr(199).chr(145) => 'O', chr(199).chr(146) => 'o',
+ chr(199).chr(147) => 'U', chr(199).chr(148) => 'u',
+ chr(199).chr(153) => 'U', chr(199).chr(154) => 'u',
+ // grave accent
+ chr(199).chr(155) => 'U', chr(199).chr(156) => 'u',
+ );
+
+ // Used for locale-specific rules
+ $locale = get_locale();
+
+ if ( 'de_DE' == $locale ) {
+ $chars[ chr(195).chr(132) ] = 'Ae';
+ $chars[ chr(195).chr(164) ] = 'ae';
+ $chars[ chr(195).chr(150) ] = 'Oe';
+ $chars[ chr(195).chr(182) ] = 'oe';
+ $chars[ chr(195).chr(156) ] = 'Ue';
+ $chars[ chr(195).chr(188) ] = 'ue';
+ $chars[ chr(195).chr(159) ] = 'ss';
+ } elseif ( 'da_DK' === $locale ) {
+ $chars[ chr(195).chr(134) ] = 'Ae';
+ $chars[ chr(195).chr(166) ] = 'ae';
+ $chars[ chr(195).chr(152) ] = 'Oe';
+ $chars[ chr(195).chr(184) ] = 'oe';
+ $chars[ chr(195).chr(133) ] = 'Aa';
+ $chars[ chr(195).chr(165) ] = 'aa';
+ }
$string = strtr($string, $chars);
} else {
+ $chars = array();
// Assume ISO-8859-1 if not UTF-8
$chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)
.chr(159).chr(162).chr(165).chr(181).chr(192).chr(193).chr(194)
@@ -576,6 +1192,7 @@ function remove_accents($string) {
$chars['out'] = "EfSZszYcYuAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy";
$string = strtr($string, $chars['in'], $chars['out']);
+ $double_chars = array();
$double_chars['in'] = array(chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));
$double_chars['out'] = array('OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');
$string = str_replace($double_chars['in'], $double_chars['out'], $string);
@@ -585,12 +1202,12 @@ function remove_accents($string) {
}
/**
- * Sanitizes a filename replacing whitespace with dashes
+ * Sanitizes a filename, replacing whitespace with dashes.
*
* Removes special characters that are illegal in filenames on certain
* operating systems and special characters requiring special escaping
* to manipulate at the command line. Replaces spaces and consecutive
- * dashes with a single dash. Trim period, dash and underscore from beginning
+ * dashes with a single dash. Trims period, dash and underscore from beginning
* and end of filename.
*
* @since 2.1.0
@@ -600,27 +1217,77 @@ function remove_accents($string) {
*/
function sanitize_file_name( $filename ) {
$filename_raw = $filename;
- $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}");
- $special_chars = apply_filters('sanitize_file_name_chars', $special_chars, $filename_raw);
- $filename = str_replace($special_chars, '', $filename);
- $filename = preg_replace('/[\s-]+/', '-', $filename);
- $filename = trim($filename, '.-_');
+ $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
+ /**
+ * Filter the list of characters to remove from a filename.
+ *
+ * @since 2.8.0
+ *
+ * @param array $special_chars Characters to remove.
+ * @param string $filename_raw Filename as it was passed into sanitize_file_name().
+ */
+ $special_chars = apply_filters( 'sanitize_file_name_chars', $special_chars, $filename_raw );
+ $filename = preg_replace( "#\x{00a0}#siu", ' ', $filename );
+ $filename = str_replace( $special_chars, '', $filename );
+ $filename = str_replace( array( '%20', '+' ), '-', $filename );
+ $filename = preg_replace( '/[\r\n\t -]+/', '-', $filename );
+ $filename = trim( $filename, '.-_' );
+
+ // Split the filename into a base and extension[s]
+ $parts = explode('.', $filename);
+
+ // Return if only one extension
+ if ( count( $parts ) <= 2 ) {
+ /**
+ * Filter a sanitized filename string.
+ *
+ * @since 2.8.0
+ *
+ * @param string $filename Sanitized filename.
+ * @param string $filename_raw The filename prior to sanitization.
+ */
+ return apply_filters( 'sanitize_file_name', $filename, $filename_raw );
+ }
+
+ // Process multiple extensions
+ $filename = array_shift($parts);
+ $extension = array_pop($parts);
+ $mimes = get_allowed_mime_types();
+
+ /*
+ * Loop over any intermediate extensions. Postfix them with a trailing underscore
+ * if they are a 2 - 5 character long alpha string not in the extension whitelist.
+ */
+ foreach ( (array) $parts as $part) {
+ $filename .= '.' . $part;
+
+ if ( preg_match("/^[a-zA-Z]{2,5}\d?$/", $part) ) {
+ $allowed = false;
+ foreach ( $mimes as $ext_preg => $mime_match ) {
+ $ext_preg = '!^(' . $ext_preg . ')$!i';
+ if ( preg_match( $ext_preg, $part ) ) {
+ $allowed = true;
+ break;
+ }
+ }
+ if ( !$allowed )
+ $filename .= '_';
+ }
+ }
+ $filename .= '.' . $extension;
+ /** This filter is documented in wp-includes/formatting.php */
return apply_filters('sanitize_file_name', $filename, $filename_raw);
}
/**
- * Sanitize username stripping out unsafe characters.
+ * Sanitizes a username, stripping out unsafe characters.
*
- * If $strict is true, only alphanumeric characters (as well as _, space, ., -,
- * @) are returned.
- * Removes tags, octets, entities, and if strict is enabled, will remove all
- * non-ASCII characters. After sanitizing, it passes the username, raw username
- * (the username in the parameter), and the strict parameter as parameters for
- * the filter.
+ * Removes tags, octets, entities, and if strict is enabled, will only keep
+ * alphanumeric, _, space, ., -, @. After sanitizing, it passes the username,
+ * raw username (the username in the parameter), and the value of $strict as
+ * parameters for the 'sanitize_user' filter.
*
* @since 2.0.0
- * @uses apply_filters() Calls 'sanitize_user' hook on username, raw username,
- * and $strict parameter.
*
* @param string $username The username to be sanitized.
* @param bool $strict If set limits $username to specific characters. Default false.
@@ -628,23 +1295,60 @@ function sanitize_file_name( $filename ) {
*/
function sanitize_user( $username, $strict = false ) {
$raw_username = $username;
- $username = strip_tags($username);
+ $username = wp_strip_all_tags( $username );
+ $username = remove_accents( $username );
// Kill octets
- $username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username);
- $username = preg_replace('/&.+?;/', '', $username); // Kill entities
+ $username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
+ $username = preg_replace( '/&.+?;/', '', $username ); // Kill entities
// If strict, reduce to ASCII for max portability.
if ( $strict )
- $username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username);
+ $username = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $username );
+ $username = trim( $username );
// Consolidate contiguous whitespace
- $username = preg_replace('|\s+|', ' ', $username);
+ $username = preg_replace( '|\s+|', ' ', $username );
+
+ /**
+ * Filter a sanitized username string.
+ *
+ * @since 2.0.1
+ *
+ * @param string $username Sanitized username.
+ * @param string $raw_username The username prior to sanitization.
+ * @param bool $strict Whether to limit the sanitization to specific characters. Default false.
+ */
+ return apply_filters( 'sanitize_user', $username, $raw_username, $strict );
+}
- return apply_filters('sanitize_user', $username, $raw_username, $strict);
+/**
+ * Sanitizes a string key.
+ *
+ * Keys are used as internal identifiers. Lowercase alphanumeric characters, dashes and underscores are allowed.
+ *
+ * @since 3.0.0
+ *
+ * @param string $key String key
+ * @return string Sanitized key
+ */
+function sanitize_key( $key ) {
+ $raw_key = $key;
+ $key = strtolower( $key );
+ $key = preg_replace( '/[^a-z0-9_\-]/', '', $key );
+
+ /**
+ * Filter a sanitized key string.
+ *
+ * @since 3.0.0
+ *
+ * @param string $key Sanitized key.
+ * @param string $raw_key The key prior to sanitization.
+ */
+ return apply_filters( 'sanitize_key', $key, $raw_key );
}
/**
- * Sanitizes title or use fallback title.
+ * Sanitizes a title, or returns a fallback title.
*
* Specifically, HTML and PHP tags are stripped. Further actions can be added
* via the plugin API. If $title is empty and $fallback_title is set, the latter
@@ -654,12 +1358,25 @@ function sanitize_user( $username, $strict = false ) {
*
* @param string $title The string to be sanitized.
* @param string $fallback_title Optional. A title to use if $title is empty.
+ * @param string $context Optional. The operation for which the string is sanitized
* @return string The sanitized string.
*/
-function sanitize_title($title, $fallback_title = '') {
+function sanitize_title( $title, $fallback_title = '', $context = 'save' ) {
$raw_title = $title;
- $title = strip_tags($title);
- $title = apply_filters('sanitize_title', $title, $raw_title);
+
+ if ( 'save' == $context )
+ $title = remove_accents($title);
+
+ /**
+ * Filter a sanitized title string.
+ *
+ * @since 1.2.0
+ *
+ * @param string $title Sanitized title.
+ * @param string $raw_title The title prior to sanitization.
+ * @param string $context The context for which the title is being sanitized.
+ */
+ $title = apply_filters( 'sanitize_title', $title, $raw_title, $context );
if ( '' === $title || false === $title )
$title = $fallback_title;
@@ -668,7 +1385,21 @@ function sanitize_title($title, $fallback_title = '') {
}
/**
- * Sanitizes title, replacing whitespace with dashes.
+ * Sanitizes a title with the 'query' context.
+ *
+ * Used for querying the database for a value from URL.
+ *
+ * @since 3.1.0
+ *
+ * @param string $title The string to be sanitized.
+ * @return string The sanitized string.
+ */
+function sanitize_title_for_query( $title ) {
+ return sanitize_title( $title, '', 'query' );
+}
+
+/**
+ * Sanitizes a title, replacing whitespace and a few other characters with dashes.
*
* Limits the output to alphanumeric characters, underscore (_) and dash (-).
* Whitespace becomes a dash.
@@ -676,9 +1407,11 @@ function sanitize_title($title, $fallback_title = '') {
* @since 1.2.0
*
* @param string $title The title to be sanitized.
+ * @param string $raw_title Optional. Not used.
+ * @param string $context Optional. The operation for which the string is sanitized.
* @return string The sanitized title.
*/
-function sanitize_title_with_dashes($title) {
+function sanitize_title_with_dashes( $title, $raw_title = '', $context = 'display' ) {
$title = strip_tags($title);
// Preserve escaped octets.
$title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '---$1---', $title);
@@ -687,7 +1420,6 @@ function sanitize_title_with_dashes($title) {
// Restore octets.
$title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title);
- $title = remove_accents($title);
if (seems_utf8($title)) {
if (function_exists('mb_strtolower')) {
$title = mb_strtolower($title, 'UTF-8');
@@ -698,6 +1430,32 @@ function sanitize_title_with_dashes($title) {
$title = strtolower($title);
$title = preg_replace('/&.+?;/', '', $title); // kill entities
$title = str_replace('.', '-', $title);
+
+ if ( 'save' == $context ) {
+ // Convert nbsp, ndash and mdash to hyphens
+ $title = str_replace( array( '%c2%a0', '%e2%80%93', '%e2%80%94' ), '-', $title );
+
+ // Strip these characters entirely
+ $title = str_replace( array(
+ // iexcl and iquest
+ '%c2%a1', '%c2%bf',
+ // angle quotes
+ '%c2%ab', '%c2%bb', '%e2%80%b9', '%e2%80%ba',
+ // curly quotes
+ '%e2%80%98', '%e2%80%99', '%e2%80%9c', '%e2%80%9d',
+ '%e2%80%9a', '%e2%80%9b', '%e2%80%9e', '%e2%80%9f',
+ // copy, reg, deg, hellip and trade
+ '%c2%a9', '%c2%ae', '%c2%b0', '%e2%80%a6', '%e2%84%a2',
+ // acute accents
+ '%c2%b4', '%cb%8a', '%cc%81', '%cd%81',
+ // grave accent, macron, caron
+ '%cc%80', '%cc%84', '%cc%8c',
+ ), '', $title );
+
+ // Convert times to x
+ $title = str_replace( '%c3%97', 'x', $title );
+ }
+
$title = preg_replace('/[^%a-z0-9 _-]/', '', $title);
$title = preg_replace('/\s+/', '-', $title);
$title = preg_replace('|-+|', '-', $title);
@@ -707,27 +1465,29 @@ function sanitize_title_with_dashes($title) {
}
/**
- * Ensures a string is a valid SQL order by clause.
+ * Ensures a string is a valid SQL 'order by' clause.
*
- * Accepts one or more columns, with or without ASC/DESC, and also accepts
- * RAND().
+ * Accepts one or more columns, with or without a sort order (ASC / DESC).
+ * e.g. 'column_1', 'column_1, column_2', 'column_1 ASC, column_2 DESC' etc.
+ *
+ * Also accepts 'RAND()'.
*
* @since 2.5.1
*
- * @param string $orderby Order by string to be checked.
- * @return string|false Returns the order by clause if it is a match, false otherwise.
+ * @param string $orderby Order by clause to be validated.
+ * @return string|bool Returns $orderby if valid, false otherwise.
*/
-function sanitize_sql_orderby( $orderby ){
- preg_match('/^\s*([a-z0-9_]+(\s+(ASC|DESC))?(\s*,\s*|\s*$))+|^\s*RAND\(\s*\)\s*$/i', $orderby, $obmatches);
- if ( !$obmatches )
- return false;
- return $orderby;
+function sanitize_sql_orderby( $orderby ) {
+ if ( preg_match( '/^\s*(([a-z0-9_]+|`[a-z0-9_]+`)(\s+(ASC|DESC))?\s*(,\s*(?=[a-z0-9_`])|$))+$/i', $orderby ) || preg_match( '/^\s*RAND\(\s*\)\s*$/i', $orderby ) ) {
+ return $orderby;
+ }
+ return false;
}
/**
- * Santizes a html classname to ensure it only contains valid characters
+ * Sanitizes an HTML classname to ensure it only contains valid characters.
*
- * Strips the string down to A-Z,a-z,0-9,'-' if this results in an empty
+ * Strips the string down to A-Z,a-z,0-9,_,-. If this results in an empty
* string then it will return the alternative value supplied.
*
* @todo Expand to support the full range of CDATA that a class attribute can contain.
@@ -735,26 +1495,36 @@ function sanitize_sql_orderby( $orderby ){
* @since 2.8.0
*
* @param string $class The classname to be sanitized
- * @param string $fallback The value to return if the sanitization end's up as an empty string.
+ * @param string $fallback Optional. The value to return if the sanitization ends up as an empty string.
+ * Defaults to an empty string.
* @return string The sanitized value
*/
-function sanitize_html_class($class, $fallback){
+function sanitize_html_class( $class, $fallback = '' ) {
//Strip out any % encoded octets
- $sanitized = preg_replace('|%[a-fA-F0-9][a-fA-F0-9]|', '', $class);
+ $sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $class );
- //Limit to A-Z,a-z,0-9,'-'
- $sanitized = preg_replace('/[^A-Za-z0-9-]/', '', $sanitized);
+ //Limit to A-Z,a-z,0-9,_,-
+ $sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );
- if ('' == $sanitized)
+ if ( '' == $sanitized )
$sanitized = $fallback;
- return apply_filters('sanitize_html_class',$sanitized, $class, $fallback);
+ /**
+ * Filter a sanitized HTML class string.
+ *
+ * @since 2.8.0
+ *
+ * @param string $sanitized The sanitized HTML class.
+ * @param string $class HTML class before sanitization.
+ * @param string $fallback The fallback string.
+ */
+ return apply_filters( 'sanitize_html_class', $sanitized, $class, $fallback );
}
/**
* Converts a number of characters from a string.
*
- * Metadata tags <
> and <> are removed, <
> and <
> are
+ * Metadata tags `` and `` are removed, `
` and `
` are
* converted into correct XHTML and Unicode characters are converted to the
* valid range.
*
@@ -765,6 +1535,9 @@ function sanitize_html_class($class, $fallback){
* @return string Converted string.
*/
function convert_chars($content, $deprecated = '') {
+ if ( !empty( $deprecated ) )
+ _deprecated_argument( __FUNCTION__, '0.71' );
+
// Translation of invalid Unicode references range to valid range
$wp_htmltranswinuni = array(
'' => '€', // the Euro sign
@@ -781,7 +1554,7 @@ function convert_chars($content, $deprecated = '') {
'' => '‹',
'' => 'Œ',
'' => '',
- '' => 'ž',
+ '' => 'Ž',
'' => '',
'' => '',
'' => '‘',
@@ -797,7 +1570,7 @@ function convert_chars($content, $deprecated = '') {
'' => '›',
'' => 'œ',
'' => '',
- '' => '',
+ '' => 'ž',
'' => 'Ÿ'
);
@@ -819,58 +1592,20 @@ function convert_chars($content, $deprecated = '') {
}
/**
- * Callback used to change %uXXXX to YYY; syntax
- *
- * @since 2.8?
- *
- * @param array $matches Single Match
- * @return string An HTML entity
- */
-function funky_javascript_callback($matches) {
- return "".base_convert($matches[1],16,10).";";
-}
-
-/**
- * Fixes javascript bugs in browsers.
- *
- * Converts unicode characters to HTML numbered entities.
- *
- * @since 1.5.0
- * @uses $is_macIE
- * @uses $is_winIE
- *
- * @param string $text Text to be made safe.
- * @return string Fixed text.
- */
-function funky_javascript_fix($text) {
- // Fixes for browsers' javascript bugs
- global $is_macIE, $is_winIE;
-
- if ( $is_winIE || $is_macIE )
- $text = preg_replace_callback("/\%u([0-9A-F]{4,4})/",
- "funky_javascript_callback",
- $text);
-
- return $text;
-}
-
-/**
- * Will only balance the tags if forced to and the option is set to balance tags.
- *
- * The option 'use_balanceTags' is used for whether the tags will be balanced.
- * Both the $force parameter and 'use_balanceTags' option will have to be true
- * before the tags will be balanced.
+ * Balances tags if forced to, or if the 'use_balanceTags' option is set to true.
*
* @since 0.71
*
* @param string $text Text to be balanced
- * @param bool $force Forces balancing, ignoring the value of the option. Default false.
+ * @param bool $force If true, forces balancing, ignoring the value of the option. Default false.
* @return string Balanced text
*/
function balanceTags( $text, $force = false ) {
- if ( !$force && get_option('use_balanceTags') == 0 )
+ if ( $force || get_option('use_balanceTags') == 1 ) {
+ return force_balance_tags( $text );
+ } else {
return $text;
- return force_balance_tags( $text );
+ }
}
/**
@@ -879,7 +1614,7 @@ function balanceTags( $text, $force = false ) {
* @since 2.0.4
*
* @author Leonard Lin
- * @license GPL v2.0
+ * @license GPL
* @copyright November 4, 2001
* @version 1.1
* @todo Make better - change loop condition to $text in 1.2
@@ -892,19 +1627,24 @@ function balanceTags( $text, $force = false ) {
* @return string Balanced text.
*/
function force_balance_tags( $text ) {
- $tagstack = array(); $stacksize = 0; $tagqueue = ''; $newtext = '';
- $single_tags = array('br', 'hr', 'img', 'input'); //Known single-entity/self-closing tags
- $nestable_tags = array('blockquote', 'div', 'span'); //Tags that can be immediately nested within themselves
-
- # WP bug fix for comments - in case you REALLY meant to type '< !--'
+ $tagstack = array();
+ $stacksize = 0;
+ $tagqueue = '';
+ $newtext = '';
+ // Known single-entity/self-closing tags
+ $single_tags = array( 'area', 'base', 'basefont', 'br', 'col', 'command', 'embed', 'frame', 'hr', 'img', 'input', 'isindex', 'link', 'meta', 'param', 'source' );
+ // Tags that can be immediately nested within themselves
+ $nestable_tags = array( 'blockquote', 'div', 'object', 'q', 'span' );
+
+ // WP bug fix for comments - in case you REALLY meant to type '< !--'
$text = str_replace('< !--', '< !--', $text);
- # WP bug fix for LOVE <3 (and other situations with '<' before a number)
+ // WP bug fix for LOVE <3 (and other situations with '<' before a number)
$text = preg_replace('#<([0-9]{1})#', '<$1', $text);
- while (preg_match("/<(\/?\w*)\s*([^>]*)>/",$text,$regex)) {
+ while ( preg_match("/<(\/?[\w:]*)\s*([^>]*)>/", $text, $regex) ) {
$newtext .= $tagqueue;
- $i = strpos($text,$regex[0]);
+ $i = strpos($text, $regex[0]);
$l = strlen($regex[0]);
// clear the shifter
@@ -913,22 +1653,22 @@ function force_balance_tags( $text ) {
if ( isset($regex[1][0]) && '/' == $regex[1][0] ) { // End Tag
$tag = strtolower(substr($regex[1],1));
// if too many closing tags
- if($stacksize <= 0) {
+ if( $stacksize <= 0 ) {
$tag = '';
- //or close to be safe $tag = '/' . $tag;
+ // or close to be safe $tag = '/' . $tag;
}
// if stacktop value = tag close value then pop
- else if ($tagstack[$stacksize - 1] == $tag) { // found closing tag
+ elseif ( $tagstack[$stacksize - 1] == $tag ) { // found closing tag
$tag = '' . $tag . '>'; // Close Tag
// Pop
- array_pop ($tagstack);
+ array_pop( $tagstack );
$stacksize--;
} else { // closing tag not at top, search for it
- for ($j=$stacksize-1;$j>=0;$j--) {
- if ($tagstack[$j] == $tag) {
+ for ( $j = $stacksize-1; $j >= 0; $j-- ) {
+ if ( $tagstack[$j] == $tag ) {
// add tag to tagqueue
- for ($k=$stacksize-1;$k>=$j;$k--){
- $tagqueue .= '' . array_pop ($tagstack) . '>';
+ for ( $k = $stacksize-1; $k >= $j; $k--) {
+ $tagqueue .= '' . array_pop( $tagstack ) . '>';
$stacksize--;
}
break;
@@ -941,35 +1681,45 @@ function force_balance_tags( $text ) {
// Tag Cleaning
- // If self-closing or '', don't do anything.
- if((substr($regex[2],-1) == '/') || ($tag == '')) {
+ // If it's an empty tag "< >", do nothing
+ if ( '' == $tag ) {
+ // do nothing
+ }
+ // ElseIf it presents itself as a self-closing tag...
+ elseif ( substr( $regex[2], -1 ) == '/' ) {
+ // ...but it isn't a known single-entity self-closing tag, then don't let it be treated as such and
+ // immediately close it with a closing tag (the tag will encapsulate no text as a result)
+ if ( ! in_array( $tag, $single_tags ) )
+ $regex[2] = trim( substr( $regex[2], 0, -1 ) ) . ">$tag";
}
// ElseIf it's a known single-entity tag but it doesn't close itself, do so
elseif ( in_array($tag, $single_tags) ) {
$regex[2] .= '/';
- } else { // Push the tag onto the stack
+ }
+ // Else it's not a single-entity tag
+ else {
// If the top of the stack is the same as the tag we want to push, close previous tag
- if (($stacksize > 0) && !in_array($tag, $nestable_tags) && ($tagstack[$stacksize - 1] == $tag)) {
- $tagqueue = '' . array_pop ($tagstack) . '>';
+ if ( $stacksize > 0 && !in_array($tag, $nestable_tags) && $tagstack[$stacksize - 1] == $tag ) {
+ $tagqueue = '' . array_pop( $tagstack ) . '>';
$stacksize--;
}
- $stacksize = array_push ($tagstack, $tag);
+ $stacksize = array_push( $tagstack, $tag );
}
// Attributes
$attributes = $regex[2];
- if($attributes) {
- $attributes = ' '.$attributes;
- }
- $tag = '<'.$tag.$attributes.'>';
+ if( ! empty( $attributes ) && $attributes[0] != '>' )
+ $attributes = ' ' . $attributes;
+
+ $tag = '<' . $tag . $attributes . '>';
//If already queuing a close tag, then put this tag on, too
- if ($tagqueue) {
+ if ( !empty($tagqueue) ) {
$tagqueue .= $tag;
$tag = '';
}
}
- $newtext .= substr($text,0,$i) . $tag;
- $text = substr($text,$i+$l);
+ $newtext .= substr($text, 0, $i) . $tag;
+ $text = substr($text, $i + $l);
}
// Clear Tag Queue
@@ -979,9 +1729,8 @@ function force_balance_tags( $text ) {
$newtext .= $text;
// Empty Stack
- while($x = array_pop($tagstack)) {
+ while( $x = array_pop($tagstack) )
$newtext .= '' . $x . '>'; // Add remaining tags to close
- }
// WP fix for the bug with HTML comments
$newtext = str_replace("< !--","