summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
6e54d1c)
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
<body>
<h1 id="logo">
<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
<body>
<h1 id="logo">
<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
</h1>
<p style="text-align: center">Semantic Personal Publishing Platform</p>
</h1>
<p style="text-align: center">Semantic Personal Publishing Platform</p>
$mysql_version = $wpdb->db_version();
$required_php_version = '4.3';
$required_mysql_version = '4.1.2';
$mysql_version = $wpdb->db_version();
$required_php_version = '4.3';
$required_mysql_version = '4.1.2';
$php_compat = version_compare( $php_version, $required_php_version, '>=' );
$mysql_compat = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
$php_compat = version_compare( $php_version, $required_php_version, '>=' );
$mysql_compat = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
// Replace ampersands and single quotes only when displaying.
if ( 'display' == $_context ) {
// Replace ampersands and single quotes only when displaying.
if ( 'display' == $_context ) {
- $url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url);
+ $url = wp_kses_normalize_entities( $url );
+ $url = str_replace( '&', '&', $url );
$url = str_replace( "'", ''', $url );
}
$url = str_replace( "'", ''', $url );
}
- if ( $arreach['name'] == 'style' ) {
+ if ( strtolower($arreach['name']) == 'style' ) {
$orig_value = $arreach['value'];
$value = safecss_filter_attr($orig_value);
$orig_value = $arreach['value'];
$value = safecss_filter_attr($orig_value);
# "value"
{
$thisval = $match[1];
# "value"
{
$thisval = $match[1];
- if ( in_array($attrname, $uris) )
+ if ( in_array(strtolower($attrname), $uris) )
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
if(FALSE === array_key_exists($attrname, $attrarr)) {
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
if(FALSE === array_key_exists($attrname, $attrarr)) {
# 'value'
{
$thisval = $match[1];
# 'value'
{
$thisval = $match[1];
- if ( in_array($attrname, $uris) )
+ if ( in_array(strtolower($attrname), $uris) )
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
if(FALSE === array_key_exists($attrname, $attrarr)) {
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
if(FALSE === array_key_exists($attrname, $attrarr)) {
# value
{
$thisval = $match[1];
# value
{
$thisval = $match[1];
- if ( in_array($attrname, $uris) )
+ if ( in_array(strtolower($attrname), $uris) )
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
if(FALSE === array_key_exists($attrname, $attrarr)) {
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
if(FALSE === array_key_exists($attrname, $attrarr)) {
* @return string Sanitized content
*/
function wp_kses_bad_protocol_once($string, $allowed_protocols) {
* @return string Sanitized content
*/
function wp_kses_bad_protocol_once($string, $allowed_protocols) {
- global $_kses_allowed_protocols;
- $_kses_allowed_protocols = $allowed_protocols;
-
- $string2 = preg_split('/:|:|:/i', $string, 2);
- if ( isset($string2[1]) && !preg_match('%/\?%', $string2[0]) )
- $string = wp_kses_bad_protocol_once2($string2[0]) . trim($string2[1]);
- else
- $string = preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/', 'wp_kses_bad_protocol_once2', $string);
+ $string2 = preg_split( '/:|�*58;|�*3a;/i', $string, 2 );
+ if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) )
+ $string = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ) . trim( $string2[1] );
* @access private
* @since 1.0.0
*
* @access private
* @since 1.0.0
*
- * @param mixed $matches string or preg_replace_callback() matches array to check for bad protocols
+ * @param string $string URI scheme to check against the whitelist
+ * @param string $allowed_protocols Allowed protocols
* @return string Sanitized content
*/
* @return string Sanitized content
*/
-function wp_kses_bad_protocol_once2($matches) {
- global $_kses_allowed_protocols;
-
- if ( is_array($matches) ) {
- if ( empty($matches[1]) )
- return '';
-
- $string = $matches[1];
- } else {
- $string = $matches;
- }
-
+function wp_kses_bad_protocol_once2( $string, $allowed_protocols ) {
$string2 = wp_kses_decode_entities($string);
$string2 = preg_replace('/\s/', '', $string2);
$string2 = wp_kses_no_null($string2);
$string2 = strtolower($string2);
$allowed = false;
$string2 = wp_kses_decode_entities($string);
$string2 = preg_replace('/\s/', '', $string2);
$string2 = wp_kses_no_null($string2);
$string2 = strtolower($string2);
$allowed = false;
- foreach ( (array) $_kses_allowed_protocols as $one_protocol)
- if (strtolower($one_protocol) == $string2) {
+ foreach ( (array) $allowed_protocols as $one_protocol )
+ if ( strtolower($one_protocol) == $string2 ) {
$allowed = true;
break;
}
$allowed = true;
break;
}
*
* @global string $wp_version
*/
*
* @global string $wp_version
*/
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.