Changeset 3574
- Timestamp:
- 02/28/06 04:22:24 (3 years ago)
- Files:
-
- trunk/wp-comments-post.php (modified) (1 diff)
- trunk/wp-includes/kses.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/wp-comments-post.php
r3566 r3574 49 49 $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'user_ID'); 50 50 51 wp_new_comment( $commentdata );51 $comment_id = wp_new_comment( $commentdata ); 52 52 53 $comment = get_comment($comment_id); 53 54 if ( !$user->ID ) : 54 setcookie('comment_author_' . COOKIEHASH, stripslashes($comment_author), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);55 setcookie('comment_author_email_' . COOKIEHASH, stripslashes($comment_author_email), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);56 setcookie('comment_author_url_' . COOKIEHASH, stripslashes(clean_url($comment_author_url)), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);55 setcookie('comment_author_' . COOKIEHASH, $comment->comment_author, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN); 56 setcookie('comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN); 57 setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->$comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN); 57 58 endif; 58 59 trunk/wp-includes/kses.php
r3566 r3574 513 513 function wp_filter_kses($data) { 514 514 global $allowedtags; 515 return wp_kses($data, $allowedtags);515 return addslashes( wp_kses(stripslashes( $data ), $allowedtags) ); 516 516 } 517 517 … … 521 521 } 522 522 523 function wp_filter_nohtml_kses($data) { 524 return addslashes ( wp_kses(stripslashes( $data ), array()) ); 525 } 526 523 527 function kses_init_filters() { 524 add_filter('pre_comment_author', 'wp_filter_kses'); 525 add_filter('pre_comment_content', 'wp_filter_kses'); 526 add_filter('content_save_pre', 'wp_filter_post_kses'); 527 add_filter('title_save_pre', 'wp_filter_kses'); 528 // Normal filtering. 529 add_filter('pre_comment_content', 'wp_filter_kses'); 530 add_filter('title_save_pre', 'wp_filter_kses'); 531 532 // Post filtering 533 add_filter('content_save_pre', 'wp_filter_post_kses'); 534 535 // Strip all html. 536 add_filter('pre_comment_author_name', 'wp_filter_nohtml_kses'); 537 add_filter('pre_comment_author_url', 'wp_filter_nohtml_kses'); 538 add_filter('pre_comment_author_email', 'wp_filter_nohtml_kses'); 539 add_filter('pre_comment_user_ip', 'wp_filter_nohtml_kses'); 540 add_filter('pre_comment_user_agent', 'wp_filter_nohtml_kses'); 541 add_filter('pre_user_id', 'wp_filter_nohtml_kses'); 542 } 543 544 function kses_remove_filters() { 545 // Normal filtering. 546 remove_filter('pre_comment_content', 'wp_filter_kses'); 547 remove_filter('title_save_pre', 'wp_filter_kses'); 548 549 // Post filtering 550 remove_filter('content_save_pre', 'wp_filter_post_kses'); 551 552 // Strip all html. 553 remove_filter('pre_comment_author_name', 'wp_filter_nohtml_kses'); 554 remove_filter('pre_comment_author_url', 'wp_filter_nohtml_kses'); 555 remove_filter('pre_comment_author_email', 'wp_filter_nohtml_kses'); 556 remove_filter('pre_comment_user_ip', 'wp_filter_nohtml_kses'); 557 remove_filter('pre_comment_user_agent', 'wp_filter_nohtml_kses'); 558 remove_filter('pre_user_id', 'wp_filter_nohtml_kses'); 528 559 } 529 560 530 561 function kses_init() { 531 remove_filter('pre_comment_author', 'wp_filter_kses'); 532 remove_filter('pre_comment_content', 'wp_filter_kses'); 533 remove_filter('content_save_pre', 'wp_filter_post_kses'); 534 remove_filter('title_save_pre', 'wp_filter_kses'); 562 kses_remove_filters(); 535 563 536 564 if (current_user_can('unfiltered_html') == false) 537 565 kses_init_filters(); 538 566 } 567 539 568 add_action('init', 'kses_init'); 540 569 add_action('set_current_user', 'kses_init');
