From 585d7513a88cb3cc424f811f4b19d57b1dc5324f Mon Sep 17 00:00:00 2001
From: markjaquith <markjaquith@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Wed, 20 Jun 2007 19:13:29 +0000
Subject: [PATCH] js_escape improvements from Alexander Concha. Catches &#39
 &#039 &#39; &#039; &#x27; &#X000027; &#x000027 etc. for 2.0.x

git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/functions-formatting.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-includes/functions-formatting.php b/wp-includes/functions-formatting.php
index f72f2e3488..217e953ea3 100644
--- a/wp-includes/functions-formatting.php
+++ b/wp-includes/functions-formatting.php
@@ -1067,7 +1067,7 @@ function clean_url( $url, $protocols = null ) {
 // Escape single quotes, specialchar double quotes, and fix line endings.
 function js_escape($text) {
 	$safe_text = wp_specialchars($text, 'double');
-	$safe_text = str_replace('&#039;', "'", $safe_text);
+	$safe_text = preg_replace('/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes($safe_text));
 	$safe_text = preg_replace("/\r?\n/", "\\n", addslashes($safe_text));
 	return apply_filters('js_escape', $safe_text, $text);
 }