Use CDATA escaping on fields. Props tellyworth. fixes #4452
git-svn-id: http://svn.automattic.com/wordpress/trunk@5711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
560d294867
commit
2ea53cf51a
|
@ -131,7 +131,7 @@ print '<?xml version="1.0" encoding="' . get_bloginfo('charset') . '"?' . ">\n";
|
||||||
This is a WordPress eXtended RSS file generated by WordPress as an export of
|
This is a WordPress eXtended RSS file generated by WordPress as an export of
|
||||||
your blog. It contains information about your blog's posts, comments, and
|
your blog. It contains information about your blog's posts, comments, and
|
||||||
categories. You may use this file to transfer that content from one site to
|
categories. You may use this file to transfer that content from one site to
|
||||||
another. This file is not intended to serve as a complete backup of your
|
another. This file is not intended to serve as a complete backup of your
|
||||||
blog.
|
blog.
|
||||||
|
|
||||||
To import this information into a WordPress blog follow these steps:
|
To import this information into a WordPress blog follow these steps:
|
||||||
|
@ -203,7 +203,7 @@ $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post
|
||||||
if ( $comments ) { foreach ( $comments as $c ) { ?>
|
if ( $comments ) { foreach ( $comments as $c ) { ?>
|
||||||
<wp:comment>
|
<wp:comment>
|
||||||
<wp:comment_id><?php echo $c->comment_ID; ?></wp:comment_id>
|
<wp:comment_id><?php echo $c->comment_ID; ?></wp:comment_id>
|
||||||
<wp:comment_author><?php echo $c->comment_author; ?></wp:comment_author>
|
<wp:comment_author><?php echo wxr_cdata($c->comment_author); ?></wp:comment_author>
|
||||||
<wp:comment_author_email><?php echo $c->comment_author_email; ?></wp:comment_author_email>
|
<wp:comment_author_email><?php echo $c->comment_author_email; ?></wp:comment_author_email>
|
||||||
<wp:comment_author_url><?php echo $c->comment_author_url; ?></wp:comment_author_url>
|
<wp:comment_author_url><?php echo $c->comment_author_url; ?></wp:comment_author_url>
|
||||||
<wp:comment_author_IP><?php echo $c->comment_author_IP; ?></wp:comment_author_IP>
|
<wp:comment_author_IP><?php echo $c->comment_author_IP; ?></wp:comment_author_IP>
|
||||||
|
|
|
@ -37,7 +37,8 @@ class WP_Import {
|
||||||
function get_tag( $string, $tag ) {
|
function get_tag( $string, $tag ) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
preg_match("|<$tag.*?>(.*?)</$tag>|is", $string, $return);
|
preg_match("|<$tag.*?>(.*?)</$tag>|is", $string, $return);
|
||||||
$return = $wpdb->escape( trim( $return[1] ) );
|
$return = preg_replace('|<!\[CDATA\[(.*)\]\]>|', '$1', $return[1]);
|
||||||
|
$return = $wpdb->escape( trim( $return ) );
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -215,7 +216,7 @@ class WP_Import {
|
||||||
$cat_names = (array) $wpdb->get_col("SELECT cat_name FROM $wpdb->categories");
|
$cat_names = (array) $wpdb->get_col("SELECT cat_name FROM $wpdb->categories");
|
||||||
|
|
||||||
while ( $c = array_shift($this->categories) ) {
|
while ( $c = array_shift($this->categories) ) {
|
||||||
$cat_name = trim(str_replace(array ('<![CDATA[', ']]>'), '', $this->get_tag( $c, 'wp:cat_name' )));
|
$cat_name = trim($this->get_tag( $c, 'wp:cat_name' ));
|
||||||
|
|
||||||
// If the category exists we leave it alone
|
// If the category exists we leave it alone
|
||||||
if ( in_array($cat_name, $cat_names) )
|
if ( in_array($cat_name, $cat_names) )
|
||||||
|
@ -274,7 +275,6 @@ class WP_Import {
|
||||||
$post_author = $this->get_tag( $post, 'dc:creator' );
|
$post_author = $this->get_tag( $post, 'dc:creator' );
|
||||||
|
|
||||||
$post_content = $this->get_tag( $post, 'content:encoded' );
|
$post_content = $this->get_tag( $post, 'content:encoded' );
|
||||||
$post_content = str_replace(array ('<![CDATA[', ']]>'), '', $post_content);
|
|
||||||
$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
|
$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
|
||||||
$post_content = str_replace('<br>', '<br />', $post_content);
|
$post_content = str_replace('<br>', '<br />', $post_content);
|
||||||
$post_content = str_replace('<hr>', '<hr />', $post_content);
|
$post_content = str_replace('<hr>', '<hr />', $post_content);
|
||||||
|
|
Loading…
Reference in New Issue