WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

htmlspecialchars when loading content into html editor. Props DD32 and andy. fixes #5796 

git-svn-id: http://svn.automattic.com/wordpress/trunk@6767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2008-02-09 07:29:36 +00:00
parent 9587194fb9
commit a96ae481ff
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
wp-includes/formatting.php
View File

@ -1111,6 +1111,13 @@ function wp_richedit_pre($text) {
return apply_filters('richedit_pre', $output); return apply_filters('richedit_pre', $output);
} }
function wp_htmledit_pre($output) {
if ( !empty($output) )
$output = htmlspecialchars($output, ENT_NOQUOTES); // convert only < > &
return apply_filters('htmledit_pre', $output);
}
function clean_url( $url, $protocols = null, $context = 'display' ) { function clean_url( $url, $protocols = null, $context = 'display' ) {
$original_url = $url; $original_url = $url;

2
wp-includes/general-template.php
View File

@ -932,6 +932,8 @@ function the_editor($content, $id = 'content', $prev_id = 'title') {
if ( 'tinymce' == $wp_default_editor ) if ( 'tinymce' == $wp_default_editor )
add_filter('the_editor_content', 'wp_richedit_pre'); add_filter('the_editor_content', 'wp_richedit_pre');
else if ( 'html' == $wp_default_editor )
add_filter('the_editor_content', 'wp_htmledit_pre');
// The following line moves the border so that the active button "attaches" to the toolbar. Only IE needs it. // The following line moves the border so that the active button "attaches" to the toolbar. Only IE needs it.
?> ?>