1027
1024
* @return string Content after decoded entities
1029
1026
function wp_kses_decode_entities($string) {
1030
$string = preg_replace_callback('/&#([0-9]+);/', create_function('$match', 'return chr($match[1]);'), $string);
1031
$string = preg_replace_callback('/&#[Xx]([0-9A-Fa-f]+);/', create_function('$match', 'return chr(hexdec($match[1]));'), $string);
1027
$string = preg_replace_callback('/&#([0-9]+);/', '_wp_kses_decode_entities_chr', $string);
1028
$string = preg_replace_callback('/&#[Xx]([0-9A-Fa-f]+);/', '_wp_kses_decode_entities_chr_hexdec', $string);
1033
1030
return $string;
1034
* Regex callback for wp_kses_decode_entities()
1036
* @param array $match preg match
1039
function _wp_kses_decode_entities_chr( $match ) {
1040
return chr( $match[1] );
1044
* Regex callback for wp_kses_decode_entities()
1046
* @param array $match preg match
1049
function _wp_kses_decode_entities_chr_hexdec( $match ) {
1050
return chr( hexdec( $match[1] ) );
1037
1054
* Sanitize content with allowed HTML Kses rules.
1040
1057
* @uses $allowedtags
1042
* @param string $data Content to filter
1059
* @param string $data Content to filter, expected to be escaped with slashes
1043
1060
* @return string Filtered content
1045
1062
function wp_filter_kses($data) {
1158
1206
$css_array = split( ';', trim( $css ) );
1159
$allowed_attr = apply_filters( 'safe_style_css', array( 'text-align', 'margin', 'color', 'float',
1160
'border', 'background', 'background-color', 'border-bottom', 'border-bottom-color',
1207
$allowed_attr = apply_filters( 'safe_style_css', array( 'text-align', 'margin', 'color', 'float',
1208
'border', 'background', 'background-color', 'border-bottom', 'border-bottom-color',
1161
1209
'border-bottom-style', 'border-bottom-width', 'border-collapse', 'border-color', 'border-left',
1162
'border-left-color', 'border-left-style', 'border-left-width', 'border-right', 'border-right-color',
1163
'border-right-style', 'border-right-width', 'border-spacing', 'border-style', 'border-top',
1164
'border-top-color', 'border-top-style', 'border-top-width', 'border-width', 'caption-side',
1165
'clear', 'cursor', 'direction', 'font', 'font-family', 'font-size', 'font-style',
1166
'font-variant', 'font-weight', 'height', 'letter-spacing', 'line-height', 'margin-bottom',
1167
'margin-left', 'margin-right', 'margin-top', 'overflow', 'padding', 'padding-bottom',
1168
'padding-left', 'padding-right', 'padding-top', 'text-decoration', 'text-indent', 'vertical-align',
1210
'border-left-color', 'border-left-style', 'border-left-width', 'border-right', 'border-right-color',
1211
'border-right-style', 'border-right-width', 'border-spacing', 'border-style', 'border-top',
1212
'border-top-color', 'border-top-style', 'border-top-width', 'border-width', 'caption-side',
1213
'clear', 'cursor', 'direction', 'font', 'font-family', 'font-size', 'font-style',
1214
'font-variant', 'font-weight', 'height', 'letter-spacing', 'line-height', 'margin-bottom',
1215
'margin-left', 'margin-right', 'margin-top', 'overflow', 'padding', 'padding-bottom',
1216
'padding-left', 'padding-right', 'padding-top', 'text-decoration', 'text-indent', 'vertical-align',
1171
1219
if ( empty($allowed_attr) )