More filters and KSES cleanup.

git-svn-id: http://svn.automattic.com/wordpress/trunk@2151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-21 04:15:01 +02:00 · 2005-01-26 22:29:18 +00:00 · 2005-01-26 22:29:18 +00:00 · 10792f3274
commit 10792f3274
parent 8d7769dd6b
3 changed files with 10 additions and 5 deletions
--- a/wp-includes/functions-post.php
+++ b/wp-includes/functions-post.php
@ -6,7 +6,7 @@
 * generic function for inserting data into the posts table.
 */
 function wp_insert_post($postarr = array()) {
-	global $wpdb, $post_default_category;
+	global $wpdb, $post_default_category, $allowedtags;
 	
 	// export array as variables
 	extract($postarr);
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@ -45,8 +45,7 @@ $allowedtags = array(
 	);
 }
 function wp_kses($string, $allowed_html, $allowed_protocols =
-               array('http', 'https', 'ftp', 'news', 'nntp', 'telnet',
-                     'gopher', 'mailto'))
+               array('http', 'https', 'ftp', 'news', 'nntp', 'feed', 'gopher', 'mailto'))
 ###############################################################################
 # This function makes sure that only the allowed HTML element names, attribute
 # names and attribute values plus only sane HTML entities will occur in
@ -556,9 +555,9 @@ function wp_kses_decode_entities($string)
  return $string;
 } # function wp_kses_decode_entities

-function wp_filter_kses($data) {
+function wp_filter_kses( $string ) {
 	global $allowedtags;
-	return wp_kses($data, $allowedtags);
+	return wp_kses($string, $allowedtags);
 }

 ?>
--- a/wp-includes/vars.php
+++ b/wp-includes/vars.php
@ -139,9 +139,15 @@ add_filter('pre_comment_author_url', 'strip_tags');
 add_filter('pre_comment_author_url', 'trim');
 add_filter('pre_comment_author_url', 'clean_url');

+add_filter('pre_comment_content', 'stripslashes', 1);
 add_filter('pre_comment_content', 'wp_filter_kses');
 add_filter('pre_comment_content', 'wp_rel_nofollow', 15);
 add_filter('pre_comment_content', 'balanceTags', 30);
+add_filter('pre_comment_content', 'addslashes', 50);
+
+add_filter('pre_comment_author_name', 'wp_filter_kses');
+add_filter('pre_comment_author_email', 'wp_filter_kses');
+add_filter('pre_comment_author_url', 'wp_filter_kses');

 // Default filters for these functions
 add_filter('comment_author', 'wptexturize');