In sanitize_title(), strip_tags() before sanitizing, not after. In post.php, if post name is empty, pass the post title to the sanitizer.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
05aa21431e
commit
b2fe32b18d
|
@ -302,7 +302,11 @@ case 'editpost':
|
||||||
if (empty($ping_status)) $ping_status = 'closed';
|
if (empty($ping_status)) $ping_status = 'closed';
|
||||||
//if (!$_POST['ping_status']) $ping_status = get_settings('default_ping_status');
|
//if (!$_POST['ping_status']) $ping_status = get_settings('default_ping_status');
|
||||||
$post_password = $_POST['post_password'];
|
$post_password = $_POST['post_password'];
|
||||||
$post_name = sanitize_title($_POST['post_name'], $post_ID);
|
$post_name = $_POST['post_name'];
|
||||||
|
if (empty($post_name)) {
|
||||||
|
$post_name = $post_title;
|
||||||
|
}
|
||||||
|
$post_name = sanitize_title($post_name, $post_ID);
|
||||||
if (empty($post_name)) $post_name = sanitize_title($post_title);
|
if (empty($post_name)) $post_name = sanitize_title($post_title);
|
||||||
$trackback = $_POST['trackback_url'];
|
$trackback = $_POST['trackback_url'];
|
||||||
// Format trackbacks
|
// Format trackbacks
|
||||||
|
|
|
@ -120,8 +120,9 @@ function remove_accents($string) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function sanitize_title($title, $fallback_title = '') {
|
function sanitize_title($title, $fallback_title = '') {
|
||||||
$title = apply_filters('sanitize_title', $title);
|
|
||||||
$title = strip_tags($title);
|
$title = strip_tags($title);
|
||||||
|
$title = apply_filters('sanitize_title', $title);
|
||||||
|
|
||||||
if (empty($title)) {
|
if (empty($title)) {
|
||||||
$title = $fallback_title;
|
$title = $fallback_title;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue