-
-
Save xknown/b0bdcfa87edf039e995822d86cfde441 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function wp_kses_split( $string, $allowed_html, $allowed_protocols ) { | |
| return preg_replace_callback( '%(<!--.*?(-->|$))|(<[^>]*(>|$)|>)%', function( $match ) use ($allowed_html, $allowed_protocols) { | |
| return wp_kses_split2( $match[0], $allowed_html, $allowed_protocols ); | |
| }, $string ); | |
| } | |
| function wp_kses_split2($string, $allowed_html, $allowed_protocols) { | |
| $string = str_replace( '\\"', '"', $string ); | |
| if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) { | |
| return ''; | |
| } | |
| $slash = trim($matches[1]); | |
| $elem = $matches[2]; | |
| $attrlist = $matches[3]; | |
| if ($slash != '') | |
| return "</$elem>"; | |
| return wp_kses_attr( $elem, $attrlist, $allowed_html, $allowed_protocols ); | |
| } | |
| function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) { | |
| $attrarr = array( array( 'name' => 'style', 'value' => '', 'whole' => "name=''", 'vless' => 'style' ) ); | |
| // Go through $attrarr, and save the allowed attributes for this element | |
| // in $attr2 | |
| $attr2 = ''; | |
| foreach ( $attrarr as $arreach ) { | |
| if ( wp_kses_attr_check( $arreach['name'], $arreach['value'], $arreach['whole'], $arreach['vless'], $element, $allowed_html ) ) { | |
| $attr2 .= ' '.$arreach['whole']; | |
| } | |
| } | |
| return "<$element$attr2>"; | |
| } | |
| function wp_kses_attr_check( &$name, &$value, &$whole, $vless, $element, $allowed_html ) { | |
| $allowed_attr = $allowed_html[strtolower( $element )]; | |
| $name_low = strtolower( $name ); | |
| if ( ! isset( $allowed_attr[$name_low] ) || '' == $allowed_attr[$name_low] ) { | |
| $name = $value = $whole = ''; | |
| return false; | |
| } | |
| if ( 'style' == $name_low ) { | |
| $new_value = safecss_filter_attr( $value ); | |
| if ( empty( $new_value ) ) { | |
| $name = $value = $whole = ''; | |
| return false; | |
| } | |
| $whole = str_replace( $value, $new_value, $whole ); | |
| $value = $new_value; | |
| } | |
| return true; | |
| } | |
| function safecss_filter_attr( $css, $element = 'div' ) { | |
| $css = $element . ' {' . $css . '}'; | |
| $css = wp_kses_split( $css, array(), array() ); | |
| $old = @setlocale(LC_ALL, 0); | |
| @setlocale(LC_ALL, 'C'); | |
| preg_match( "/[^\s\r\n\t\f]/", $css{0} ); | |
| @setlocale(LC_ALL, $old); | |
| return ''; | |
| } | |
| $content = '<p style="">hola</p><p style="">hola</p>'; | |
| var_dump( wp_kses_split( addslashes( $content ), array('p'=>array('style' => array())), array() ) ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment