From 5f83a2a7569adb19842fd90abc48731b6c459278 Mon Sep 17 00:00:00 2001 From: ryan Date: Mon, 21 Nov 2005 18:28:32 +0000 Subject: [PATCH] Filter blog name and description through kses. Props donncha. fixes #1931 git-svn-id: http://svn.automattic.com/wordpress/trunk@3187 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/options.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/wp-admin/options.php b/wp-admin/options.php index 7d78656845..1b9abbb7bc 100644 --- a/wp-admin/options.php +++ b/wp-admin/options.php @@ -53,6 +53,10 @@ case 'update': if( in_array($option, $nonbools) && ( $value == '0' || $value == '') ) $value = 'closed'; + if( $option == 'blogdescription' || $option == 'blogname' ) + if (current_user_can('unfiltered_html') == false) + $value = wp_filter_post_kses( $value ); + if ( update_option($option, $value) ) $any_changed++; }