WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Verify tags used in the gallery shortcode. 

git-svn-id: http://core.svn.wordpress.org/branches/3.5@23317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Nacin 2013-01-22 15:37:36 +00:00
parent 90fd3a0afc
commit 296684d9cf
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
wp-includes/media.php
View File

@ -735,6 +735,15 @@ function gallery_shortcode($attr) {
$itemtag = tag_escape($itemtag); $itemtag = tag_escape($itemtag);
$captiontag = tag_escape($captiontag); $captiontag = tag_escape($captiontag);
$icontag = tag_escape($icontag);
$valid_tags = wp_kses_allowed_html( 'post' );
if ( ! isset( $valid_tags[ $itemtag ] ) )
$itemtag = 'dl';
if ( ! isset( $valid_tags[ $captiontag ] ) )
$captiontag = 'dd';
if ( ! isset( $valid_tags[ $icontag ] ) )
$icontag = 'dt';
$columns = intval($columns); $columns = intval($columns);
$itemwidth = $columns > 0 ? floor(100/$columns) : 100; $itemwidth = $columns > 0 ? floor(100/$columns) : 100;
$float = is_rtl() ? 'right' : 'left'; $float = is_rtl() ? 'right' : 'left';