[wp-cvs] wordpress/wp-includes functions.php,1.173,1.174
Ernest MacDougal Campbell III
emc3 at users.sourceforge.net
Sat Oct 2 00:46:32 UTC 2004
Update of /cvsroot/cafelog/wordpress/wp-includes
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12240/wp-includes
Modified Files:
functions.php
Log Message:
Security: Clean up user inputs before using.
Index: functions.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-includes/functions.php,v
retrieving revision 1.173
retrieving revision 1.174
diff -C2 -d -r1.173 -r1.174
*** functions.php 30 Sep 2004 17:56:16 -0000 1.173
--- functions.php 2 Oct 2004 00:46:29 -0000 1.174
***************
*** 1717,1719 ****
--- 1717,1727 ----
}
+ // Borrowed from the PHP Manual user notes. Convert entities, while
+ // preserving already-encoded entities:
+ function htmlentities2($myHTML) {
+ $translation_table=get_html_translation_table (HTML_ENTITIES,ENT_QUOTES);
+ $translation_table[chr(38)] = '&';
+ return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($myHTML, $translation_table));
+ }
+
?>
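Review bot: The lookahead in the `preg_replace` pattern of `htmlentities2` recognises only decimal references of two or three digits (`#[0-9]{2,3};`), so an already-encoded `&#8217;` or a hex reference such as `&#x27;` is not treated as an entity and its ampersand gets encoded a second time; widening that alternative to `#[0-9]+;|#[xX][0-9A-Fa-f]+;` would cover both. As rendered on this page the replacement argument reads as a bare `"&"`, which would make the `preg_replace` a no-op; this is presumably the archive decoding `&amp;`, but it is worth confirming against the committed file. The translation table is built with the default charset and applied with byte-wise `strtr`, so multibyte input such as UTF-8 would presumably be turned into per-byte entities; confirm what encoding callers pass. Since the log message describes this as input clean-up but no call sites are visible in this hunk, I would also extend the header comment to say something like `// Output encoding for HTML text and quoted attributes only; not a substitute for SQL or URL escaping.`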