From 25c2dcac3c16c83700ec4233ecc67a3191bb1360 Mon Sep 17 00:00:00 2001
From: ryan
Date: Tue, 28 Feb 2006 09:49:06 +0000
Subject: [PATCH] More comment cookie sanitation.

git-svn-id: http://svn.automattic.com/wordpress/trunk@3577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-comments-post.php | 2 +-
 wp-includes/comment-functions.php | 22 +++++++++++++++++++---
 wp-includes/default-filters.php | 2 --
 wp-includes/functions-formatting.php | 4 ++++
 wp-includes/kses.php | 16 ----------------
 5 files changed, 24 insertions(+), 22 deletions(-)

diff --git a/wp-comments-post.php b/wp-comments-post.php
index 82ab6f65e5..2e561b2681 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -54,7 +54,7 @@ $comment = get_comment($comment_id);
 if ( !$user->ID ) :
 	setcookie('comment_author_' . COOKIEHASH, $comment->comment_author, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
 	setcookie('comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
-	setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->$comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
+	setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
 endif;
 
 $location = ( empty( $_POST['redirect_to'] ) ) ? get_permalink( $comment_post_ID ) : $_POST['redirect_to'];
diff --git a/wp-includes/comment-functions.php b/wp-includes/comment-functions.php
index 4a5f676685..2c6546d2af 100644
--- a/wp-includes/comment-functions.php
+++ b/wp-includes/comment-functions.php
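Review bot: The three setcookie() calls treat the stored values inconsistently: comment_author and comment_author_email are written from the comment row as-is, while only comment_author_url goes through clean_url(). Since the read side in comments_template() now re-applies the pre_comment_* filters to every cookie, the write-side clean_url() is either redundant or the other two fields are missing the same treatment; a one-line comment stating which side is trusted would settle it, e.g. `// Cookie values are untrusted on read-back; comments_template() re-filters them.` The literal `time() + 30000000` repeated three times would read better as a named expiry constant.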
@@ -7,9 +7,25 @@ function comments_template( $file = '/comments.php' ) {
 
 	if ( is_single() || is_page() || $withcomments ) :
 		$req = get_settings('require_name_email');
-		$comment_author = isset($_COOKIE['comment_author_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_'.COOKIEHASH])) : '';
-		$comment_author_email = isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_email_'.COOKIEHASH])) : '';
-		$comment_author_url = isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_url_'.COOKIEHASH])) : '';
+		$comment_author = '';
+		if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
+			$comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
+			$comment_author = stripslashes($comment_author);
+			$comment_author = wp_specialchars($comment_author, true);
+		}
+		$comment_author_email = '';
+		if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
+			$comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
+			$comment_author_email = stripslashes($comment_author_email);
+			$comment_author_email = wp_specialchars($comment_author_email, true);
+		}
+		$comment_author_url = '';
+		if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
+			$comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
+			$comment_author_url = stripslashes($comment_author_url);
+			$comment_author_url = wp_specialchars($comment_author_url, true);
+		}
+
 		if ( empty($comment_author) ) {
 			$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");
 		} else {
diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php
index fcf0f3c7df..3d398c0850 100644
--- a/wp-includes/default-filters.php
+++ b/wp-includes/default-filters.php
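Review bot: After stripslashes() and wp_specialchars() the three values are output-ready but no longer slash-escaped, and the `} else {` branch at the bottom of the hunk presumably interpolates $comment_author and $comment_author_email into the second get_results() query (that branch lies outside the hunk, as does the rest of comments_template()); if so it must re-escape them with `$wpdb->escape()` before building the SQL, since a visitor fully controls these cookies. The filter chain is also applied to the still-slashed cookie value before stripslashes(), which mirrors the save path but is easy to misread; a comment such as `// Filters run on the slashed value, as on the save path; unslash and escape for output afterwards.` would record that intent. Finally, the three blocks differ only in cookie name and filter hook, so a small helper removes the triplication and keeps the filter/unslash/escape order in one place.
```php
// Reads one comment_author_* cookie, runs its pre_comment_* filter chain
// (on the still-slashed value, as on the save path), strips slashes and
// HTML-escapes the result for output. Returns '' when the cookie is absent.
function wp_comment_cookie( $cookie, $filter ) {
	if ( !isset($_COOKIE[$cookie . COOKIEHASH]) )
		return '';
	$value = apply_filters($filter, $_COOKIE[$cookie . COOKIEHASH]);
	$value = stripslashes($value);
	return wp_specialchars($value, true);
}

// … unchanged: start of comments_template() up to $req …
		$comment_author       = wp_comment_cookie('comment_author_', 'pre_comment_author_name');
		$comment_author_email = wp_comment_cookie('comment_author_email_', 'pre_comment_author_email');
		$comment_author_url   = wp_comment_cookie('comment_author_url_', 'pre_comment_author_url');
```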
@@ -24,10 +24,8 @@ add_filter('pre_comment_author_url', 'strip_tags');
 add_filter('pre_comment_author_url', 'trim');
 add_filter('pre_comment_author_url', 'clean_url');
 
-add_filter('pre_comment_content', 'stripslashes', 1);
 add_filter('pre_comment_content', 'wp_rel_nofollow', 15);
 add_filter('pre_comment_content', 'balanceTags', 30);
-add_filter('pre_comment_content', 'addslashes', 50);
 
 add_filter('pre_comment_author_name', 'wp_filter_kses');
 add_filter('pre_comment_author_email', 'wp_filter_kses');
diff --git a/wp-includes/functions-formatting.php b/wp-includes/functions-formatting.php
index c593bc862b..feae447a07 100644
--- a/wp-includes/functions-formatting.php
+++ b/wp-includes/functions-formatting.php
@@ -579,7 +579,11 @@ function make_clickable($ret) {
 }
 
 function wp_rel_nofollow( $text ) {
+	global $wpdb;
+	// This is a pre save filter, so text is already escaped.
+	$text = stripslashes($text);
 	$text = preg_replace('||i', '', $text);
+	$text = $wpdb->escape($text);
 	return $text;
 }
 
diff --git a/wp-includes/kses.php b/wp-includes/kses.php
index 3cc8bab1a8..42a27c0741 100644
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@@ -531,14 +531,6 @@ function kses_init_filters() {
 
 	// Post filtering
 	add_filter('content_save_pre', 'wp_filter_post_kses');
-
-	// Strip all html.
-	add_filter('pre_comment_author_name', 'wp_filter_nohtml_kses');
-	add_filter('pre_comment_author_url', 'wp_filter_nohtml_kses');
-	add_filter('pre_comment_author_email', 'wp_filter_nohtml_kses');
-	add_filter('pre_comment_user_ip', 'wp_filter_nohtml_kses');
-	add_filter('pre_comment_user_agent', 'wp_filter_nohtml_kses');
-	add_filter('pre_user_id', 'wp_filter_nohtml_kses');
 }
 
 function kses_remove_filters() {
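Review bot: Removing the chain-level stripslashes (priority 1) and addslashes (priority 50) silently changes the contract for every remaining pre_comment_content callback: each one, balanceTags at priority 30 included, now receives slash-escaped text and must hand back slash-escaped text, as wp_rel_nofollow now does for itself in this commit. That contract is recorded only in a comment inside wp_rel_nofollow; it belongs at the registration site so the next filter added here honours it, e.g. `// pre_comment_content callbacks receive and must return slash-escaped text (see wp_rel_nofollow).` Whether balanceTags handles escaped quotes inside tag attributes correctly is not visible on this page and is worth checking.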
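Review bot: As printed, the preg_replace() pattern `'||i'` is an empty alternation that matches the empty string, so the replacement is a no-op and the function only round-trips the slashes; presumably the real tag pattern was lost when this page was rendered, but the committed source should be confirmed. The stripslashes()/`$wpdb->escape()` pair is a faithful round-trip only if `$wpdb->escape()` is backslash-based like the addslashes() it replaces; the in-code comment should state that assumption, e.g. `// Pre-save filter: input arrives slash-escaped and output must be escaped the same way.` Pulling `global $wpdb` into a formatting helper couples it to the database layer; doing the unslash/escape around the filter call instead would keep wp_rel_nofollow a pure text transform.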
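Review bot: Dropping wp_filter_nohtml_kses from pre_comment_user_ip, pre_comment_user_agent and pre_user_id leaves those hooks with no replacement anywhere on this page: the default-filters hunk only re-adds wp_filter_kses for author name and email, and strip_tags/trim/clean_url for the URL. The IP and user-agent strings are request-supplied data that presumably get stored and later displayed in the admin screens, so unless they are filtered elsewhere (not visible here) this widens what reaches the database unchecked. At minimum the removal deserves a comment saying where those fields are now sanitized, e.g. `// Comment author/url/email are filtered via pre_comment_* in default-filters.php; user_ip/user_agent/user_id: TODO name the filter`, and the same applies to the mirrored block removed from kses_remove_filters() in the next hunk.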
@@ -548,14 +540,6 @@ function kses_remove_filters() {
 
 	// Post filtering
 	remove_filter('content_save_pre', 'wp_filter_post_kses');
-
-	// Strip all html.
-	remove_filter('pre_comment_author_name', 'wp_filter_nohtml_kses');
-	remove_filter('pre_comment_author_url', 'wp_filter_nohtml_kses');
-	remove_filter('pre_comment_author_email', 'wp_filter_nohtml_kses');
-	remove_filter('pre_comment_user_ip', 'wp_filter_nohtml_kses');
-	remove_filter('pre_comment_user_agent', 'wp_filter_nohtml_kses');
-	remove_filter('pre_user_id', 'wp_filter_nohtml_kses');
 }
 
 function kses_init() {