Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-06-28 07:45:02 +02:00
Code Issues Projects Releases Wiki Activity

Fix using htmlspecialchars() whit the $double_encode parameter. PHP < 5.4 doesn't validate the entities.

Browse Source 
Props miqrogroove. Fixes #17780.
Built from https://develop.svn.wordpress.org/trunk@32851


git-svn-id: http://core.svn.wordpress.org/trunk@32822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Ozz 2015-06-19 01:53:26 +00:00
parent d8c93a081d
commit 503b80be0b
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
wp-includes/formatting.php
View File

@ -688,6 +688,12 @@ function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = fals
$quote_style = ENT_NOQUOTES; $quote_style = ENT_NOQUOTES;
} }
if ( ! $double_encode ) {
// Guarantee every &entity; is valid, convert &garbage; into &amp;garbage;
// This is required for PHP < 5.4.0 because ENT_HTML401 flag is unavailable.
$string = wp_kses_normalize_entities( $string );
}
$string = @htmlspecialchars( $string, $quote_style, $charset, $double_encode ); $string = @htmlspecialchars( $string, $quote_style, $charset, $double_encode );
// Backwards compatibility // Backwards compatibility

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.3-alpha-32850'; $wp_version = '4.3-alpha-32851';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.