enmi-conf.org: wp/wp-includes/kses.php@d970ebf37754 (annotated)

0 d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	2	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	3	* kses 0.2.2 - HTML/XHTML filter that only allows some elements and attributes
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	4	* Copyright (C) 2002, 2003, 2005 Ulf Harnhammar
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	5	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	6	* This program is free software and open source software; you can redistribute
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	7	* it and/or modify it under the terms of the GNU General Public License as
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	8	* published by the Free Software Foundation; either version 2 of the License,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	9	* or (at your option) any later version.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	10	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	11	* This program is distributed in the hope that it will be useful, but WITHOUT
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	14	* more details.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	15	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	16	* You should have received a copy of the GNU General Public License along
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	17	* with this program; if not, write to the Free Software Foundation, Inc.,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	18	* 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	19	* http://www.gnu.org/licenses/gpl.html
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	20	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	21	* [kses strips evil scripts!]
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	22	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	23	* Added wp_ prefix to avoid conflicts with existing kses users
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	24	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	25	* @version 0.2.2
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	26	* @copyright (C) 2002, 2003, 2005
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	27	* @author Ulf Harnhammar <http://advogato.org/person/metaur/>
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	28	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	29	* @package External
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	30	* @subpackage KSES
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	31	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	32	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	33
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	34	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	35	* You can override this in a plugin.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	36	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	37	* The wp_kses_allowed_html filter is more powerful and supplies context.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	38	* CUSTOM_TAGS is not recommended and should be considered deprecated.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	39	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	40	* @see wp_kses_allowed_html()
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	41	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	42	* @since 1.2.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	43	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	44	if ( ! defined( 'CUSTOM_TAGS' ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	45	define( 'CUSTOM_TAGS', false );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	46
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	47	if ( ! CUSTOM_TAGS ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	48	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	49	* Kses global for default allowable HTML tags.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	50	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	51	* Can be override by using CUSTOM_TAGS constant.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	52	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	53	* @global array $allowedposttags
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	54	* @since 2.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	55	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	56	$allowedposttags = array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	57	'address' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	58	'a' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	59	'href' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	60	'rel' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	61	'rev' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	62	'name' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	63	'target' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	64	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	65	'abbr' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	66	'acronym' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	67	'area' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	68	'alt' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	69	'coords' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	70	'href' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	71	'nohref' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	72	'shape' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	73	'target' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	74	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	75	'article' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	76	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	77	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	78	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	79	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	80	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	81	'aside' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	82	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	83	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	84	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	85	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	86	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	87	'b' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	88	'big' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	89	'blockquote' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	90	'cite' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	91	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	92	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	93	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	94	'br' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	95	'button' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	96	'disabled' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	97	'name' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	98	'type' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	99	'value' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	100	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	101	'caption' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	102	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	103	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	104	'cite' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	105	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	106	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	107	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	108	'code' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	109	'col' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	110	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	111	'char' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	112	'charoff' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	113	'span' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	114	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	115	'valign' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	116	'width' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	117	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	118	'del' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	119	'datetime' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	120	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	121	'dd' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	122	'details' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	123	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	124	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	125	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	126	'open' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	127	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	128	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	129	'div' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	130	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	131	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	132	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	133	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	134	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	135	'dl' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	136	'dt' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	137	'em' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	138	'fieldset' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	139	'figure' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	140	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	141	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	142	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	143	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	144	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	145	'figcaption' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	146	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	147	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	148	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	149	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	150	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	151	'font' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	152	'color' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	153	'face' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	154	'size' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	155	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	156	'footer' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	157	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	158	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	159	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	160	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	161	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	162	'form' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	163	'action' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	164	'accept' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	165	'accept-charset' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	166	'enctype' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	167	'method' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	168	'name' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	169	'target' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	170	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	171	'h1' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	172	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	173	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	174	'h2' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	175	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	176	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	177	'h3' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	178	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	179	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	180	'h4' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	181	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	182	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	183	'h5' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	184	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	185	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	186	'h6' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	187	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	188	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	189	'header' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	190	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	191	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	192	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	193	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	194	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	195	'hgroup' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	196	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	197	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	198	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	199	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	200	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	201	'hr' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	202	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	203	'noshade' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	204	'size' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	205	'width' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	206	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	207	'i' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	208	'img' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	209	'alt' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	210	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	211	'border' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	212	'height' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	213	'hspace' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	214	'longdesc' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	215	'vspace' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	216	'src' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	217	'usemap' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	218	'width' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	219	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	220	'ins' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	221	'datetime' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	222	'cite' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	223	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	224	'kbd' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	225	'label' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	226	'for' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	227	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	228	'legend' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	229	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	230	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	231	'li' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	232	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	233	'value' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	234	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	235	'map' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	236	'name' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	237	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	238	'menu' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	239	'type' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	240	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	241	'nav' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	242	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	243	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	244	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	245	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	246	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	247	'p' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	248	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	249	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	250	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	251	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	252	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	253	'pre' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	254	'width' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	255	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	256	'q' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	257	'cite' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	258	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	259	's' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	260	'span' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	261	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	262	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	263	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	264	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	265	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	266	'section' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	267	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	268	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	269	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	270	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	271	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	272	'small' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	273	'strike' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	274	'strong' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	275	'sub' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	276	'summary' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	277	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	278	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	279	'lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	280	'xml:lang' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	281	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	282	'sup' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	283	'table' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	284	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	285	'bgcolor' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	286	'border' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	287	'cellpadding' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	288	'cellspacing' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	289	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	290	'rules' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	291	'summary' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	292	'width' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	293	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	294	'tbody' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	295	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	296	'char' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	297	'charoff' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	298	'valign' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	299	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	300	'td' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	301	'abbr' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	302	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	303	'axis' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	304	'bgcolor' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	305	'char' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	306	'charoff' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	307	'colspan' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	308	'dir' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	309	'headers' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	310	'height' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	311	'nowrap' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	312	'rowspan' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	313	'scope' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	314	'valign' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	315	'width' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	316	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	317	'textarea' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	318	'cols' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	319	'rows' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	320	'disabled' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	321	'name' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	322	'readonly' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	323	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	324	'tfoot' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	325	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	326	'char' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	327	'charoff' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	328	'valign' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	329	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	330	'th' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	331	'abbr' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	332	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	333	'axis' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	334	'bgcolor' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	335	'char' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	336	'charoff' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	337	'colspan' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	338	'headers' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	339	'height' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	340	'nowrap' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	341	'rowspan' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	342	'scope' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	343	'valign' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	344	'width' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	345	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	346	'thead' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	347	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	348	'char' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	349	'charoff' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	350	'valign' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	351	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	352	'title' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	353	'tr' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	354	'align' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	355	'bgcolor' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	356	'char' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	357	'charoff' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	358	'valign' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	359	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	360	'tt' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	361	'u' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	362	'ul' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	363	'type' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	364	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	365	'ol' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	366	'start' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	367	'type' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	368	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	369	'var' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	370	);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	371
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	372	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	373	* Kses allowed HTML elements.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	374	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	375	* @global array $allowedtags
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	376	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	377	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	378	$allowedtags = array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	379	'a' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	380	'href' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	381	'title' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	382	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	383	'abbr' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	384	'title' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	385	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	386	'acronym' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	387	'title' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	388	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	389	'b' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	390	'blockquote' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	391	'cite' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	392	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	393	'cite' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	394	'code' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	395	'del' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	396	'datetime' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	397	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	398	'em' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	399	'i' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	400	'q' => array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	401	'cite' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	402	),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	403	'strike' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	404	'strong' => array(),
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	405	);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	406
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	407	$allowedentitynames = array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	408	'nbsp', 'iexcl', 'cent', 'pound', 'curren', 'yen',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	409	'brvbar', 'sect', 'uml', 'copy', 'ordf', 'laquo',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	410	'not', 'shy', 'reg', 'macr', 'deg', 'plusmn',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	411	'acute', 'micro', 'para', 'middot', 'cedil', 'ordm',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	412	'raquo', 'iquest', 'Agrave', 'Aacute', 'Acirc', 'Atilde',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	413	'Auml', 'Aring', 'AElig', 'Ccedil', 'Egrave', 'Eacute',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	414	'Ecirc', 'Euml', 'Igrave', 'Iacute', 'Icirc', 'Iuml',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	415	'ETH', 'Ntilde', 'Ograve', 'Oacute', 'Ocirc', 'Otilde',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	416	'Ouml', 'times', 'Oslash', 'Ugrave', 'Uacute', 'Ucirc',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	417	'Uuml', 'Yacute', 'THORN', 'szlig', 'agrave', 'aacute',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	418	'acirc', 'atilde', 'auml', 'aring', 'aelig', 'ccedil',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	419	'egrave', 'eacute', 'ecirc', 'euml', 'igrave', 'iacute',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	420	'icirc', 'iuml', 'eth', 'ntilde', 'ograve', 'oacute',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	421	'ocirc', 'otilde', 'ouml', 'divide', 'oslash', 'ugrave',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	422	'uacute', 'ucirc', 'uuml', 'yacute', 'thorn', 'yuml',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	423	'quot', 'amp', 'lt', 'gt', 'apos', 'OElig',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	424	'oelig', 'Scaron', 'scaron', 'Yuml', 'circ', 'tilde',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	425	'ensp', 'emsp', 'thinsp', 'zwnj', 'zwj', 'lrm',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	426	'rlm', 'ndash', 'mdash', 'lsquo', 'rsquo', 'sbquo',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	427	'ldquo', 'rdquo', 'bdquo', 'dagger', 'Dagger', 'permil',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	428	'lsaquo', 'rsaquo', 'euro', 'fnof', 'Alpha', 'Beta',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	429	'Gamma', 'Delta', 'Epsilon', 'Zeta', 'Eta', 'Theta',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	430	'Iota', 'Kappa', 'Lambda', 'Mu', 'Nu', 'Xi',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	431	'Omicron', 'Pi', 'Rho', 'Sigma', 'Tau', 'Upsilon',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	432	'Phi', 'Chi', 'Psi', 'Omega', 'alpha', 'beta',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	433	'gamma', 'delta', 'epsilon', 'zeta', 'eta', 'theta',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	434	'iota', 'kappa', 'lambda', 'mu', 'nu', 'xi',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	435	'omicron', 'pi', 'rho', 'sigmaf', 'sigma', 'tau',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	436	'upsilon', 'phi', 'chi', 'psi', 'omega', 'thetasym',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	437	'upsih', 'piv', 'bull', 'hellip', 'prime', 'Prime',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	438	'oline', 'frasl', 'weierp', 'image', 'real', 'trade',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	439	'alefsym', 'larr', 'uarr', 'rarr', 'darr', 'harr',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	440	'crarr', 'lArr', 'uArr', 'rArr', 'dArr', 'hArr',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	441	'forall', 'part', 'exist', 'empty', 'nabla', 'isin',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	442	'notin', 'ni', 'prod', 'sum', 'minus', 'lowast',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	443	'radic', 'prop', 'infin', 'ang', 'and', 'or',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	444	'cap', 'cup', 'int', 'sim', 'cong', 'asymp',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	445	'ne', 'equiv', 'le', 'ge', 'sub', 'sup',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	446	'nsub', 'sube', 'supe', 'oplus', 'otimes', 'perp',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	447	'sdot', 'lceil', 'rceil', 'lfloor', 'rfloor', 'lang',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	448	'rang', 'loz', 'spades', 'clubs', 'hearts', 'diams',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	449	);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	450
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	451	$allowedposttags = array_map( '_wp_add_global_attributes', $allowedposttags );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	452	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	453	$allowedtags = wp_kses_array_lc( $allowedtags );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	454	$allowedposttags = wp_kses_array_lc( $allowedposttags );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	455	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	456
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	457	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	458	* Filters content and keeps only allowable HTML elements.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	459	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	460	* This function makes sure that only the allowed HTML element names, attribute
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	461	* names and attribute values plus only sane HTML entities will occur in
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	462	* $string. You have to remove any slashes from PHP's magic quotes before you
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	463	* call this function.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	464	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	465	* The default allowed protocols are 'http', 'https', 'ftp', 'mailto', 'news',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	466	* 'irc', 'gopher', 'nntp', 'feed', 'telnet, 'mms', 'rtsp' and 'svn'. This
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	467	* covers all common link protocols, except for 'javascript' which should not
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	468	* be allowed for untrusted users.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	469	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	470	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	471	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	472	* @param string $string Content to filter through kses
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	473	* @param array $allowed_html List of allowed HTML elements
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	474	* @param array $allowed_protocols Optional. Allowed protocol in links.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	475	* @return string Filtered content with only allowed HTML elements
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	476	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	477	function wp_kses( $string, $allowed_html, $allowed_protocols = array() ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	478	if ( empty( $allowed_protocols ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	479	$allowed_protocols = wp_allowed_protocols();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	480	$string = wp_kses_no_null($string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	481	$string = wp_kses_js_entities($string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	482	$string = wp_kses_normalize_entities($string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	483	$string = wp_kses_hook($string, $allowed_html, $allowed_protocols); // WP changed the order of these funcs and added args to wp_kses_hook
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	484	return wp_kses_split($string, $allowed_html, $allowed_protocols);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	485	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	486
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	487	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	488	* Return a list of allowed tags and attributes for a given context.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	489	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	490	* @since 3.5.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	491	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	492	* @param string $context The context for which to retrieve tags. Allowed values are
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	493	* post \| strip \| data \| entities or the name of a field filter such as pre_user_description.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	494	* @return array List of allowed tags and their allowed attributes.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	495	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	496	function wp_kses_allowed_html( $context = '' ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	497	global $allowedposttags, $allowedtags, $allowedentitynames;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	498
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	499	if ( is_array( $context ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	500	return apply_filters( 'wp_kses_allowed_html', $context, 'explicit' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	501
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	502	switch ( $context ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	503	case 'post':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	504	return apply_filters( 'wp_kses_allowed_html', $allowedposttags, $context );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	505	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	506	case 'user_description':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	507	case 'pre_user_description':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	508	$tags = $allowedtags;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	509	$tags['a']['rel'] = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	510	return apply_filters( 'wp_kses_allowed_html', $tags, $context );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	511	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	512	case 'strip':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	513	return apply_filters( 'wp_kses_allowed_html', array(), $context );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	514	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	515	case 'entities':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	516	return apply_filters( 'wp_kses_allowed_html', $allowedentitynames, $context);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	517	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	518	case 'data':
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	519	default:
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	520	return apply_filters( 'wp_kses_allowed_html', $allowedtags, $context );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	521	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	522	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	523
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	524	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	525	* You add any kses hooks here.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	526	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	527	* There is currently only one kses WordPress hook and it is called here. All
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	528	* parameters are passed to the hooks and expected to receive a string.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	529	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	530	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	531	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	532	* @param string $string Content to filter through kses
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	533	* @param array $allowed_html List of allowed HTML elements
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	534	* @param array $allowed_protocols Allowed protocol in links
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	535	* @return string Filtered content through 'pre_kses' hook
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	536	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	537	function wp_kses_hook( $string, $allowed_html, $allowed_protocols ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	538	$string = apply_filters('pre_kses', $string, $allowed_html, $allowed_protocols);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	539	return $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	540	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	541
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	542	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	543	* This function returns kses' version number.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	544	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	545	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	546	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	547	* @return string KSES Version Number
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	548	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	549	function wp_kses_version() {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	550	return '0.2.2';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	551	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	552
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	553	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	554	* Searches for HTML tags, no matter how malformed.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	555	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	556	* It also matches stray ">" characters.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	557	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	558	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	559	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	560	* @param string $string Content to filter
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	561	* @param array $allowed_html Allowed HTML elements
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	562	* @param array $allowed_protocols Allowed protocols to keep
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	563	* @return string Content with fixed HTML tags
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	564	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	565	function wp_kses_split( $string, $allowed_html, $allowed_protocols ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	566	global $pass_allowed_html, $pass_allowed_protocols;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	567	$pass_allowed_html = $allowed_html;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	568	$pass_allowed_protocols = $allowed_protocols;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	569	return preg_replace_callback( '%(<!--.?(-->\|$))\|(<[^>](>\|$)\|>)%', '_wp_kses_split_callback', $string );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	570	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	571
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	572	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	573	* Callback for wp_kses_split.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	574	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	575	* @since 3.1.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	576	* @access private
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	577	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	578	function _wp_kses_split_callback( $match ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	579	global $pass_allowed_html, $pass_allowed_protocols;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	580	return wp_kses_split2( $match[0], $pass_allowed_html, $pass_allowed_protocols );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	581	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	582
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	583	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	584	* Callback for wp_kses_split for fixing malformed HTML tags.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	585	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	586	* This function does a lot of work. It rejects some very malformed things like
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	587	* <:::>. It returns an empty string, if the element isn't allowed (look ma, no
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	588	* strip_tags()!). Otherwise it splits the tag into an element and an attribute
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	589	* list.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	590	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	591	* After the tag is split into an element and an attribute list, it is run
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	592	* through another filter which will remove illegal attributes and once that is
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	593	* completed, will be returned.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	594	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	595	* @access private
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	596	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	597	* @uses wp_kses_attr()
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	598	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	599	* @param string $string Content to filter
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	600	* @param array $allowed_html Allowed HTML elements
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	601	* @param array $allowed_protocols Allowed protocols to keep
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	602	* @return string Fixed HTML element
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	603	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	604	function wp_kses_split2($string, $allowed_html, $allowed_protocols) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	605	$string = wp_kses_stripslashes($string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	606
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	607	if (substr($string, 0, 1) != '<')
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	608	return '>';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	609	# It matched a ">" character
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	610
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	611	if ( '<!--' == substr( $string, 0, 4 ) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	612	$string = str_replace( array('<!--', '-->'), '', $string );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	613	while ( $string != ($newstring = wp_kses($string, $allowed_html, $allowed_protocols)) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	614	$string = $newstring;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	615	if ( $string == '' )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	616	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	617	// prevent multiple dashes in comments
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	618	$string = preg_replace('/--+/', '-', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	619	// prevent three dashes closing a comment
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	620	$string = preg_replace('/-$/', '', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	621	return "<!--{$string}-->";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	622	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	623	# Allow HTML comments
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	624
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	625	if (!preg_match('%^<\s(/\s)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	626	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	627	# It's seriously malformed
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	628
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	629	$slash = trim($matches[1]);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	630	$elem = $matches[2];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	631	$attrlist = $matches[3];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	632
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	633	if ( ! is_array( $allowed_html ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	634	$allowed_html = wp_kses_allowed_html( $allowed_html );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	635
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	636	if ( ! isset($allowed_html[strtolower($elem)]) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	637	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	638	# They are using a not allowed HTML element
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	639
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	640	if ($slash != '')
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	641	return "</$elem>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	642	# No attributes are allowed for closing elements
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	643
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	644	return wp_kses_attr( $elem, $attrlist, $allowed_html, $allowed_protocols );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	645	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	646
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	647	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	648	* Removes all attributes, if none are allowed for this element.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	649	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	650	* If some are allowed it calls wp_kses_hair() to split them further, and then
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	651	* it builds up new HTML code from the data that kses_hair() returns. It also
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	652	* removes "<" and ">" characters, if there are any left. One more thing it does
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	653	* is to check if the tag has a closing XHTML slash, and if it does, it puts one
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	654	* in the returned code as well.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	655	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	656	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	657	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	658	* @param string $element HTML element/tag
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	659	* @param string $attr HTML attributes from HTML element to closing HTML element tag
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	660	* @param array $allowed_html Allowed HTML elements
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	661	* @param array $allowed_protocols Allowed protocols to keep
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	662	* @return string Sanitized HTML element
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	663	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	664	function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	665	# Is there a closing XHTML slash at the end of the attributes?
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	666
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	667	if ( ! is_array( $allowed_html ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	668	$allowed_html = wp_kses_allowed_html( $allowed_html );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	669
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	670	$xhtml_slash = '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	671	if (preg_match('%\s/\s$%', $attr))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	672	$xhtml_slash = ' /';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	673
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	674	# Are any attributes allowed at all for this element?
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	675	if ( ! isset($allowed_html[strtolower($element)]) \|\| count($allowed_html[strtolower($element)]) == 0 )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	676	return "<$element$xhtml_slash>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	677
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	678	# Split it
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	679	$attrarr = wp_kses_hair($attr, $allowed_protocols);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	680
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	681	# Go through $attrarr, and save the allowed attributes for this element
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	682	# in $attr2
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	683	$attr2 = '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	684
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	685	$allowed_attr = $allowed_html[strtolower($element)];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	686	foreach ($attrarr as $arreach) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	687	if ( ! isset( $allowed_attr[strtolower($arreach['name'])] ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	688	continue; # the attribute is not allowed
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	689
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	690	$current = $allowed_attr[strtolower($arreach['name'])];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	691	if ( $current == '' )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	692	continue; # the attribute is not allowed
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	693
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	694	if ( strtolower( $arreach['name'] ) == 'style' ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	695	$orig_value = $arreach['value'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	696	$value = safecss_filter_attr( $orig_value );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	697
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	698	if ( empty( $value ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	699	continue;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	700
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	701	$arreach['value'] = $value;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	702	$arreach['whole'] = str_replace( $orig_value, $value, $arreach['whole'] );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	703	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	704
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	705	if ( ! is_array($current) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	706	$attr2 .= ' '.$arreach['whole'];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	707	# there are no checks
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	708
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	709	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	710	# there are some checks
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	711	$ok = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	712	foreach ($current as $currkey => $currval) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	713	if ( ! wp_kses_check_attr_val($arreach['value'], $arreach['vless'], $currkey, $currval) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	714	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	715	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	716	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	717	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	718
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	719	if ( $ok )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	720	$attr2 .= ' '.$arreach['whole']; # it passed them
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	721	} # if !is_array($current)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	722	} # foreach
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	723
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	724	# Remove any "<" or ">" characters
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	725	$attr2 = preg_replace('/[<>]/', '', $attr2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	726
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	727	return "<$element$attr2$xhtml_slash>";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	728	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	729
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	730	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	731	* Builds an attribute list from string containing attributes.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	732	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	733	* This function does a lot of work. It parses an attribute list into an array
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	734	* with attribute data, and tries to do the right thing even if it gets weird
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	735	* input. It will add quotes around attribute values that don't have any quotes
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	736	* or apostrophes around them, to make it easier to produce HTML code that will
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	737	* conform to W3C's HTML specification. It will also remove bad URL protocols
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	738	* from attribute values. It also reduces duplicate attributes by using the
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	739	* attribute defined first (foo='bar' foo='baz' will result in foo='bar').
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	740	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	741	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	742	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	743	* @param string $attr Attribute list from HTML element to closing HTML element tag
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	744	* @param array $allowed_protocols Allowed protocols to keep
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	745	* @return array List of attributes after parsing
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	746	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	747	function wp_kses_hair($attr, $allowed_protocols) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	748	$attrarr = array();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	749	$mode = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	750	$attrname = '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	751	$uris = array('xmlns', 'profile', 'href', 'src', 'cite', 'classid', 'codebase', 'data', 'usemap', 'longdesc', 'action');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	752
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	753	# Loop through the whole attribute list
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	754
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	755	while (strlen($attr) != 0) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	756	$working = 0; # Was the last operation successful?
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	757
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	758	switch ($mode) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	759	case 0 : # attribute name, href for instance
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	760
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	761	if (preg_match('/^([-a-zA-Z]+)/', $attr, $match)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	762	$attrname = $match[1];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	763	$working = $mode = 1;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	764	$attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	765	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	766
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	767	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	768
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	769	case 1 : # equals sign or valueless ("selected")
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	770
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	771	if (preg_match('/^\s=\s/', $attr)) # equals sign
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	772	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	773	$working = 1;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	774	$mode = 2;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	775	$attr = preg_replace('/^\s=\s/', '', $attr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	776	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	777	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	778
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	779	if (preg_match('/^\s+/', $attr)) # valueless
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	780	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	781	$working = 1;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	782	$mode = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	783	if(false === array_key_exists($attrname, $attrarr)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	784	$attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	785	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	786	$attr = preg_replace('/^\s+/', '', $attr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	787	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	788
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	789	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	790
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	791	case 2 : # attribute value, a URL after href= for instance
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	792
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	793	if (preg_match('%^"([^"]*)"(\s+\|/?$)%', $attr, $match))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	794	# "value"
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	795	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	796	$thisval = $match[1];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	797	if ( in_array(strtolower($attrname), $uris) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	798	$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	799
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	800	if(false === array_key_exists($attrname, $attrarr)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	801	$attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	802	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	803	$working = 1;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	804	$mode = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	805	$attr = preg_replace('/^"[^"]*"(\s+\|$)/', '', $attr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	806	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	807	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	808
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	809	if (preg_match("%^'([^']*)'(\s+\|/?$)%", $attr, $match))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	810	# 'value'
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	811	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	812	$thisval = $match[1];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	813	if ( in_array(strtolower($attrname), $uris) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	814	$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	815
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	816	if(false === array_key_exists($attrname, $attrarr)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	817	$attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname='$thisval'", 'vless' => 'n');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	818	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	819	$working = 1;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	820	$mode = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	821	$attr = preg_replace("/^'[^']*'(\s+\|$)/", '', $attr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	822	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	823	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	824
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	825	if (preg_match("%^([^\s\"']+)(\s+\|/?$)%", $attr, $match))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	826	# value
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	827	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	828	$thisval = $match[1];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	829	if ( in_array(strtolower($attrname), $uris) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	830	$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	831
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	832	if(false === array_key_exists($attrname, $attrarr)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	833	$attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	834	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	835	# We add quotes to conform to W3C's HTML spec.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	836	$working = 1;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	837	$mode = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	838	$attr = preg_replace("%^[^\s\"']+(\s+\|$)%", '', $attr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	839	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	840
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	841	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	842	} # switch
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	843
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	844	if ($working == 0) # not well formed, remove and try again
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	845	{
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	846	$attr = wp_kses_html_error($attr);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	847	$mode = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	848	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	849	} # while
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	850
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	851	if ($mode == 1 && false === array_key_exists($attrname, $attrarr))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	852	# special case, for when the attribute list ends with a valueless
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	853	# attribute like "selected"
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	854	$attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	855
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	856	return $attrarr;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	857	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	858
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	859	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	860	* Performs different checks for attribute values.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	861	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	862	* The currently implemented checks are "maxlen", "minlen", "maxval", "minval"
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	863	* and "valueless".
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	864	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	865	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	866	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	867	* @param string $value Attribute value
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	868	* @param string $vless Whether the value is valueless. Use 'y' or 'n'
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	869	* @param string $checkname What $checkvalue is checking for.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	870	* @param mixed $checkvalue What constraint the value should pass
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	871	* @return bool Whether check passes
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	872	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	873	function wp_kses_check_attr_val($value, $vless, $checkname, $checkvalue) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	874	$ok = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	875
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	876	switch (strtolower($checkname)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	877	case 'maxlen' :
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	878	# The maxlen check makes sure that the attribute value has a length not
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	879	# greater than the given value. This can be used to avoid Buffer Overflows
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	880	# in WWW clients and various Internet servers.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	881
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	882	if (strlen($value) > $checkvalue)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	883	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	884	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	885
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	886	case 'minlen' :
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	887	# The minlen check makes sure that the attribute value has a length not
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	888	# smaller than the given value.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	889
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	890	if (strlen($value) < $checkvalue)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	891	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	892	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	893
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	894	case 'maxval' :
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	895	# The maxval check does two things: it checks that the attribute value is
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	896	# an integer from 0 and up, without an excessive amount of zeroes or
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	897	# whitespace (to avoid Buffer Overflows). It also checks that the attribute
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	898	# value is not greater than the given value.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	899	# This check can be used to avoid Denial of Service attacks.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	900
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	901	if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	902	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	903	if ($value > $checkvalue)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	904	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	905	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	906
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	907	case 'minval' :
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	908	# The minval check makes sure that the attribute value is a positive integer,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	909	# and that it is not smaller than the given value.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	910
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	911	if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	912	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	913	if ($value < $checkvalue)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	914	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	915	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	916
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	917	case 'valueless' :
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	918	# The valueless check makes sure if the attribute has a value
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	919	# (like <a href="blah">) or not (<option selected>). If the given value
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	920	# is a "y" or a "Y", the attribute must not have a value.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	921	# If the given value is an "n" or an "N", the attribute must have one.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	922
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	923	if (strtolower($checkvalue) != $vless)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	924	$ok = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	925	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	926	} # switch
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	927
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	928	return $ok;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	929	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	930
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	931	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	932	* Sanitize string from bad protocols.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	933	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	934	* This function removes all non-allowed protocols from the beginning of
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	935	* $string. It ignores whitespace and the case of the letters, and it does
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	936	* understand HTML entities. It does its work in a while loop, so it won't be
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	937	* fooled by a string like "javascript:javascript:alert(57)".
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	938	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	939	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	940	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	941	* @param string $string Content to filter bad protocols from
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	942	* @param array $allowed_protocols Allowed protocols to keep
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	943	* @return string Filtered content
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	944	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	945	function wp_kses_bad_protocol($string, $allowed_protocols) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	946	$string = wp_kses_no_null($string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	947	$iterations = 0;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	948
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	949	do {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	950	$original_string = $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	951	$string = wp_kses_bad_protocol_once($string, $allowed_protocols);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	952	} while ( $original_string != $string && ++$iterations < 6 );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	953
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	954	if ( $original_string != $string )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	955	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	956
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	957	return $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	958	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	959
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	960	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	961	* Removes any null characters in $string.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	962	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	963	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	964	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	965	* @param string $string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	966	* @return string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	967	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	968	function wp_kses_no_null($string) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	969	$string = preg_replace('/\0+/', '', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	970	$string = preg_replace('/(\\\\0)+/', '', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	971
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	972	return $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	973	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	974
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	975	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	976	* Strips slashes from in front of quotes.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	977	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	978	* This function changes the character sequence \" to just ". It leaves all
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	979	* other slashes alone. It's really weird, but the quoting from
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	980	* preg_replace(//e) seems to require this.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	981	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	982	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	983	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	984	* @param string $string String to strip slashes
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	985	* @return string Fixed string with quoted slashes
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	986	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	987	function wp_kses_stripslashes($string) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	988	return preg_replace('%\\\\"%', '"', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	989	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	990
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	991	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	992	* Goes through an array and changes the keys to all lower case.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	993	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	994	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	995	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	996	* @param array $inarray Unfiltered array
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	997	* @return array Fixed array with all lowercase keys
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	998	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	999	function wp_kses_array_lc($inarray) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1000	$outarray = array ();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1001
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1002	foreach ( (array) $inarray as $inkey => $inval) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1003	$outkey = strtolower($inkey);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1004	$outarray[$outkey] = array ();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1005
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1006	foreach ( (array) $inval as $inkey2 => $inval2) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1007	$outkey2 = strtolower($inkey2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1008	$outarray[$outkey][$outkey2] = $inval2;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1009	} # foreach $inval
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1010	} # foreach $inarray
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1011
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1012	return $outarray;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1013	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1014
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1015	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1016	* Removes the HTML JavaScript entities found in early versions of Netscape 4.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1017	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1018	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1019	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1020	* @param string $string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1021	* @return string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1022	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1023	function wp_kses_js_entities($string) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1024	return preg_replace('%&\s\{[^}](\}\s*;?\|$)%', '', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1025	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1026
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1027	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1028	* Handles parsing errors in wp_kses_hair().
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1029	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1030	* The general plan is to remove everything to and including some whitespace,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1031	* but it deals with quotes and apostrophes as well.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1032	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1033	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1034	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1035	* @param string $string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1036	* @return string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1037	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1038	function wp_kses_html_error($string) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1039	return preg_replace('/^("[^"]("\|$)\|\'[^\'](\'\|$)\|\S)\s/', '', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1040	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1041
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1042	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1043	* Sanitizes content from bad protocols and other characters.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1044	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1045	* This function searches for URL protocols at the beginning of $string, while
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1046	* handling whitespace and HTML entities.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1047	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1048	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1049	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1050	* @param string $string Content to check for bad protocols
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1051	* @param string $allowed_protocols Allowed protocols
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1052	* @return string Sanitized content
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1053	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1054	function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1055	$string2 = preg_split( '/:\|&#058;\|&#x03a;/i', $string, 2 );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1056	if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1057	$string = trim( $string2[1] );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1058	$protocol = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1059	if ( 'feed:' == $protocol ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1060	if ( $count > 2 )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1061	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1062	$string = wp_kses_bad_protocol_once( $string, $allowed_protocols, ++$count );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1063	if ( empty( $string ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1064	return $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1065	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1066	$string = $protocol . $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1067	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1068
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1069	return $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1070	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1071
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1072	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1073	* Callback for wp_kses_bad_protocol_once() regular expression.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1074	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1075	* This function processes URL protocols, checks to see if they're in the
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1076	* whitelist or not, and returns different data depending on the answer.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1077	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1078	* @access private
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1079	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1080	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1081	* @param string $string URI scheme to check against the whitelist
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1082	* @param string $allowed_protocols Allowed protocols
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1083	* @return string Sanitized content
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1084	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1085	function wp_kses_bad_protocol_once2( $string, $allowed_protocols ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1086	$string2 = wp_kses_decode_entities($string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1087	$string2 = preg_replace('/\s/', '', $string2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1088	$string2 = wp_kses_no_null($string2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1089	$string2 = strtolower($string2);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1090
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1091	$allowed = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1092	foreach ( (array) $allowed_protocols as $one_protocol )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1093	if ( strtolower($one_protocol) == $string2 ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1094	$allowed = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1095	break;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1096	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1097
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1098	if ($allowed)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1099	return "$string2:";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1100	else
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1101	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1102	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1103
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1104	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1105	* Converts and fixes HTML entities.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1106	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1107	* This function normalizes HTML entities. It will convert "AT&T" to the correct
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1108	* "AT&T", ":" to ":", "&#XYZZY;" to "&#XYZZY;" and so on.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1109	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1110	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1111	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1112	* @param string $string Content to normalize entities
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1113	* @return string Content with normalized entities
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1114	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1115	function wp_kses_normalize_entities($string) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1116	# Disarm all entities by converting & to &
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1117
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1118	$string = str_replace('&', '&', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1119
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1120	# Change back the allowed entities in our entity whitelist
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1121
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1122	$string = preg_replace_callback('/&([A-Za-z]{2,8});/', 'wp_kses_named_entities', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1123	$string = preg_replace_callback('/&#(0*[0-9]{1,7});/', 'wp_kses_normalize_entities2', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1124	$string = preg_replace_callback('/&#[Xx](0*[0-9A-Fa-f]{1,6});/', 'wp_kses_normalize_entities3', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1125
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1126	return $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1127	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1128
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1129	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1130	* Callback for wp_kses_normalize_entities() regular expression.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1131	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1132	* This function only accepts valid named entity references, which are finite,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1133	* case-sensitive, and highly scrutinized by HTML and XML validators.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1134	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1135	* @since 3.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1136	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1137	* @param array $matches preg_replace_callback() matches array
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1138	* @return string Correctly encoded entity
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1139	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1140	function wp_kses_named_entities($matches) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1141	global $allowedentitynames;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1142
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1143	if ( empty($matches[1]) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1144	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1145
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1146	$i = $matches[1];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1147	return ( ( ! in_array($i, $allowedentitynames) ) ? "&$i;" : "&$i;" );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1148	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1149
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1150	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1151	* Callback for wp_kses_normalize_entities() regular expression.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1152	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1153	* This function helps wp_kses_normalize_entities() to only accept 16-bit values
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1154	* and nothing more for &#number; entities.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1155	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1156	* @access private
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1157	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1158	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1159	* @param array $matches preg_replace_callback() matches array
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1160	* @return string Correctly encoded entity
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1161	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1162	function wp_kses_normalize_entities2($matches) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1163	if ( empty($matches[1]) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1164	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1165
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1166	$i = $matches[1];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1167	if (valid_unicode($i)) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1168	$i = str_pad(ltrim($i,'0'), 3, '0', STR_PAD_LEFT);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1169	$i = "&#$i;";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1170	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1171	$i = "&#$i;";
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1172	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1173
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1174	return $i;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1175	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1176
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1177	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1178	* Callback for wp_kses_normalize_entities() for regular expression.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1179	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1180	* This function helps wp_kses_normalize_entities() to only accept valid Unicode
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1181	* numeric entities in hex form.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1182	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1183	* @access private
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1184	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1185	* @param array $matches preg_replace_callback() matches array
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1186	* @return string Correctly encoded entity
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1187	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1188	function wp_kses_normalize_entities3($matches) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1189	if ( empty($matches[1]) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1190	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1191
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1192	$hexchars = $matches[1];
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1193	return ( ( ! valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : '&#x'.ltrim($hexchars,'0').';' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1194	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1195
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1196	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1197	* Helper function to determine if a Unicode value is valid.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1198	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1199	* @param int $i Unicode value
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1200	* @return bool True if the value was a valid Unicode number
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1201	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1202	function valid_unicode($i) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1203	return ( $i == 0x9 \|\| $i == 0xa \|\| $i == 0xd \|\|
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1204	($i >= 0x20 && $i <= 0xd7ff) \|\|
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1205	($i >= 0xe000 && $i <= 0xfffd) \|\|
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1206	($i >= 0x10000 && $i <= 0x10ffff) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1207	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1208
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1209	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1210	* Convert all entities to their character counterparts.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1211	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1212	* This function decodes numeric HTML entities (A and A). It doesn't do
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1213	* anything with other entities like ä, but we don't need them in the URL
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1214	* protocol whitelisting system anyway.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1215	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1216	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1217	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1218	* @param string $string Content to change entities
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1219	* @return string Content after decoded entities
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1220	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1221	function wp_kses_decode_entities($string) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1222	$string = preg_replace_callback('/&#([0-9]+);/', '_wp_kses_decode_entities_chr', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1223	$string = preg_replace_callback('/&#[Xx]([0-9A-Fa-f]+);/', '_wp_kses_decode_entities_chr_hexdec', $string);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1224
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1225	return $string;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1226	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1227
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1228	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1229	* Regex callback for wp_kses_decode_entities()
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1230	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1231	* @param array $match preg match
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1232	* @return string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1233	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1234	function _wp_kses_decode_entities_chr( $match ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1235	return chr( $match[1] );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1236	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1237
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1238	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1239	* Regex callback for wp_kses_decode_entities()
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1240	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1241	* @param array $match preg match
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1242	* @return string
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1243	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1244	function _wp_kses_decode_entities_chr_hexdec( $match ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1245	return chr( hexdec( $match[1] ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1246	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1247
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1248	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1249	* Sanitize content with allowed HTML Kses rules.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1250	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1251	* @since 1.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1252	* @uses $allowedtags
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1253	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1254	* @param string $data Content to filter, expected to be escaped with slashes
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1255	* @return string Filtered content
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1256	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1257	function wp_filter_kses( $data ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1258	return addslashes( wp_kses( stripslashes( $data ), current_filter() ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1259	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1260
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1261	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1262	* Sanitize content with allowed HTML Kses rules.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1263	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1264	* @since 2.9.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1265	* @uses $allowedtags
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1266	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1267	* @param string $data Content to filter, expected to not be escaped
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1268	* @return string Filtered content
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1269	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1270	function wp_kses_data( $data ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1271	return wp_kses( $data , current_filter() );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1272	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1273
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1274	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1275	* Sanitize content for allowed HTML tags for post content.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1276	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1277	* Post content refers to the page contents of the 'post' type and not $_POST
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1278	* data from forms.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1279	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1280	* @since 2.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1281	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1282	* @param string $data Post content to filter, expected to be escaped with slashes
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1283	* @return string Filtered post content with allowed HTML tags and attributes intact.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1284	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1285	function wp_filter_post_kses($data) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1286	return addslashes ( wp_kses( stripslashes( $data ), 'post' ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1287	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1288
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1289	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1290	* Sanitize content for allowed HTML tags for post content.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1291	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1292	* Post content refers to the page contents of the 'post' type and not $_POST
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1293	* data from forms.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1294	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1295	* @since 2.9.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1296	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1297	* @param string $data Post content to filter
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1298	* @return string Filtered post content with allowed HTML tags and attributes intact.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1299	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1300	function wp_kses_post($data) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1301	return wp_kses( $data , 'post' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1302	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1303
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1304	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1305	* Strips all of the HTML in the content.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1306	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1307	* @since 2.1.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1308	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1309	* @param string $data Content to strip all HTML from
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1310	* @return string Filtered content without any HTML
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1311	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1312	function wp_filter_nohtml_kses( $data ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1313	return addslashes ( wp_kses( stripslashes( $data ), 'strip' ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1314	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1315
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1316	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1317	* Adds all Kses input form content filters.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1318	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1319	* All hooks have default priority. The wp_filter_kses() function is added to
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1320	* the 'pre_comment_content' and 'title_save_pre' hooks.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1321	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1322	* The wp_filter_post_kses() function is added to the 'content_save_pre',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1323	* 'excerpt_save_pre', and 'content_filtered_save_pre' hooks.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1324	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1325	* @since 2.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1326	* @uses add_filter() See description for what functions are added to what hooks.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1327	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1328	function kses_init_filters() {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1329	// Normal filtering
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1330	add_filter('title_save_pre', 'wp_filter_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1331
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1332	// Comment filtering
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1333	if ( current_user_can( 'unfiltered_html' ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1334	add_filter( 'pre_comment_content', 'wp_filter_post_kses' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1335	else
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1336	add_filter( 'pre_comment_content', 'wp_filter_kses' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1337
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1338	// Post filtering
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1339	add_filter('content_save_pre', 'wp_filter_post_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1340	add_filter('excerpt_save_pre', 'wp_filter_post_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1341	add_filter('content_filtered_save_pre', 'wp_filter_post_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1342	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1343
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1344	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1345	* Removes all Kses input form content filters.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1346	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1347	* A quick procedural method to removing all of the filters that kses uses for
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1348	* content in WordPress Loop.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1349	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1350	* Does not remove the kses_init() function from 'init' hook (priority is
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1351	* default). Also does not remove kses_init() function from 'set_current_user'
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1352	* hook (priority is also default).
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1353	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1354	* @since 2.0.6
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1355	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1356	function kses_remove_filters() {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1357	// Normal filtering
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1358	remove_filter('title_save_pre', 'wp_filter_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1359
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1360	// Comment filtering
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1361	remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1362	remove_filter( 'pre_comment_content', 'wp_filter_kses' );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1363
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1364	// Post filtering
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1365	remove_filter('content_save_pre', 'wp_filter_post_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1366	remove_filter('excerpt_save_pre', 'wp_filter_post_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1367	remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1368	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1369
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1370	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1371	* Sets up most of the Kses filters for input form content.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1372	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1373	* If you remove the kses_init() function from 'init' hook and
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1374	* 'set_current_user' (priority is default), then none of the Kses filter hooks
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1375	* will be added.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1376	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1377	* First removes all of the Kses filters in case the current user does not need
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1378	* to have Kses filter the content. If the user does not have unfiltered_html
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1379	* capability, then Kses filters are added.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1380	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1381	* @uses kses_remove_filters() Removes the Kses filters
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1382	* @uses kses_init_filters() Adds the Kses filters back if the user
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1383	* does not have unfiltered HTML capability.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1384	* @since 2.0.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1385	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1386	function kses_init() {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1387	kses_remove_filters();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1388
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1389	if (current_user_can('unfiltered_html') == false)
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1390	kses_init_filters();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1391	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1392
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1393	add_action('init', 'kses_init');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1394	add_action('set_current_user', 'kses_init');
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1395
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1396	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1397	* Inline CSS filter
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1398	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1399	* @since 2.8.1
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1400	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1401	function safecss_filter_attr( $css, $deprecated = '' ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1402	if ( !empty( $deprecated ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1403	_deprecated_argument( __FUNCTION__, '2.8.1' ); // Never implemented
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1404
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1405	$css = wp_kses_no_null($css);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1406	$css = str_replace(array("\n","\r","\t"), '', $css);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1407
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1408	if ( preg_match( '%[\\(&=}]\|/\*%', $css ) ) // remove any inline css containing \ ( & } = or comments
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1409	return '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1410
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1411	$css_array = explode( ';', trim( $css ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1412	$allowed_attr = apply_filters( 'safe_style_css', array( 'text-align', 'margin', 'color', 'float',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1413	'border', 'background', 'background-color', 'border-bottom', 'border-bottom-color',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1414	'border-bottom-style', 'border-bottom-width', 'border-collapse', 'border-color', 'border-left',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1415	'border-left-color', 'border-left-style', 'border-left-width', 'border-right', 'border-right-color',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1416	'border-right-style', 'border-right-width', 'border-spacing', 'border-style', 'border-top',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1417	'border-top-color', 'border-top-style', 'border-top-width', 'border-width', 'caption-side',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1418	'clear', 'cursor', 'direction', 'font', 'font-family', 'font-size', 'font-style',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1419	'font-variant', 'font-weight', 'height', 'letter-spacing', 'line-height', 'margin-bottom',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1420	'margin-left', 'margin-right', 'margin-top', 'overflow', 'padding', 'padding-bottom',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1421	'padding-left', 'padding-right', 'padding-top', 'text-decoration', 'text-indent', 'vertical-align',
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1422	'width' ) );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1423
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1424	if ( empty($allowed_attr) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1425	return $css;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1426
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1427	$css = '';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1428	foreach ( $css_array as $css_item ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1429	if ( $css_item == '' )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1430	continue;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1431	$css_item = trim( $css_item );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1432	$found = false;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1433	if ( strpos( $css_item, ':' ) === false ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1434	$found = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1435	} else {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1436	$parts = explode( ':', $css_item );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1437	if ( in_array( trim( $parts[0] ), $allowed_attr ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1438	$found = true;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1439	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1440	if ( $found ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1441	if( $css != '' )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1442	$css .= ';';
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1443	$css .= $css_item;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1444	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1445	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1446
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1447	return $css;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1448	}
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1449
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1450	/**
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1451	* Helper function to add global attributes to a tag in the allowed html list.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1452	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1453	* @since 3.5.0
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1454	* @access private
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1455	*
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1456	* @param array $value An array of attributes.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1457	* @return array The array of attributes with global attributes added.
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1458	*/
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1459	function _wp_add_global_attributes( $value ) {
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1460	$global_attributes = array(
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1461	'class' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1462	'id' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1463	'style' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1464	'title' => true,
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1465	);
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1466
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1467	if ( true === $value )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1468	$value = array();
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1469
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1470	if ( is_array( $value ) )
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1471	return array_merge( $value, $global_attributes );
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1472
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1473	return $value;
d970ebf37754 first import ymh <ymh.work@gmail.com> parents: diff changeset	1474	}

author	ymh <ymh.work@gmail.com>
	Wed, 06 Nov 2013 03:21:17 +0000
changeset 0	d970ebf37754
child 5	5e2f62d02dcd
permissions	-rw-r--r--