if ( ! defined( 'CUSTOM_TAGS' ) )
define( 'CUSTOM_TAGS', false );
+// Ensure that these variables are added to the global namespace
+// (e.g. if using namespaces / autoload in the current PHP environment).
+global $allowedposttags, $allowedtags, $allowedentitynames;
+
if ( ! CUSTOM_TAGS ) {
/**
* Kses global for default allowable HTML tags.
}
/**
- * Removes any null characters in $string.
+ * Removes any invalid control characters in $string.
+ *
+ * Also removes any instance of the '\0' string.
*
* @since 1.0.0
*
* @return string
*/
function wp_kses_no_null($string) {
- $string = preg_replace('/\0+/', '', $string);
+ $string = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F]/', '', $string);
$string = preg_replace('/(\\\\0)+/', '', $string);
return $string;
$css = wp_kses_no_null($css);
$css = str_replace(array("\n","\r","\t"), '', $css);
- if ( preg_match( '%[\\(&=}]|/\*%', $css ) ) // remove any inline css containing \ ( & } = or comments
+ if ( preg_match( '%[\\\\(&=}]|/\*%', $css ) ) // remove any inline css containing \ ( & } = or comments
return '';
$css_array = explode( ';', trim( $css ) );