<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
--></style>
<title>[11929] trunk: Filter fields through kses upon display.</title>
</head>
<body>

<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/11929">11929</a></dd>
<dt>Author</dt> <dd>ryan</dd>
<dt>Date</dt> <dd>2009-09-14 13:57:48 +0000 (Mon, 14 Sep 2009)</dd>
</dl>

<h3>Log Message</h3>
<pre>Filter fields through kses upon display. Introduce sanitize_user_object() and sanitize_user_field(). see <a href="http://trac.wordpress.org/ticket/10751">#10751</a></pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminincludestemplatephp">trunk/wp-admin/includes/template.php</a></li>
<li><a href="#trunkwpadminincludesuserphp">trunk/wp-admin/includes/user.php</a></li>
<li><a href="#trunkwpadminusereditphp">trunk/wp-admin/user-edit.php</a></li>
<li><a href="#trunkwpadminusersphp">trunk/wp-admin/users.php</a></li>
<li><a href="#trunkwpincludescapabilitiesphp">trunk/wp-includes/capabilities.php</a></li>
<li><a href="#trunkwpincludesdefaultfiltersphp">trunk/wp-includes/default-filters.php</a></li>
<li><a href="#trunkwpincludesformattingphp">trunk/wp-includes/formatting.php</a></li>
<li><a href="#trunkwpincludesregistrationphp">trunk/wp-includes/registration.php</a></li>
<li><a href="#trunkwpincludesuserphp">trunk/wp-includes/user.php</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminincludestemplatephp"></a>
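--- a/trunk/wp-admin/includes/template.php
+++ b/trunk/wp-admin/includes/template.php
@@ -1892,6 +1892,7 @@
 
         if ( !( is_object( $user_object) && is_a( $user_object, 'WP_User' ) ) )
                 $user_object = new WP_User( (int) $user_object );
+        $user_object = sanitize_user_object($user_object, 'display');
         $email = $user_object->user_email;
         $url = $user_object->user_url;
         $short_url = str_replace( 'http://', '', $url );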
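Review bot: After `$user_object = sanitize_user_object($user_object, 'display');` the values copied into `$email`, `$url` and `$short_url` are escaped only by the display filters registered in default-filters.php, which any plugin can remove_filter(), so the echo points later in this function (outside the hunk) should keep their own esc_attr()/esc_url() rather than treat these variables as pre-escaped. Also `str_replace( 'http://', '', $url )` leaves an https URL untouched, so the shortened form differs between schemes; not a security issue, but `preg_replace( '#^https?://#', '', $url )` would be uniform. The enclosing function starts and ends outside the hunk.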
<a id="trunkwpadminincludesuserphp"></a>
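--- a/trunk/wp-admin/includes/user.php
+++ b/trunk/wp-admin/includes/user.php
@@ -25,15 +25,16 @@
                 $user_id = (int) func_get_arg( 0 );
 
                 if ( isset( $_POST['role'] ) ) {
+                        $new_role = sanitize_text_field( $_POST['role'] );
                         // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
-                        if( $user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap( 'edit_users' ) ) {
+                        if ( $user_id != $current_user->id || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) {
                                 // If the new role isn't editable by the logged-in user die with error
                                 $editable_roles = get_editable_roles();
-                                if (!$editable_roles[$_POST['role']])
+                                if ( !$editable_roles[$new_role] )
                                         wp_die(__('You can&#8217;t give users that role.'));
 
                                 $user = new WP_User( $user_id );
-                                $user->set_role( $_POST['role'] );
+                                $user->set_role( $new_role );
                         }
                 }
         } else {
@@ -64,8 +65,8 @@
                 $user = '';
         }
 
-        if ( isset( $_POST['user_login'] ))
-                $user->user_login = esc_html( trim( $_POST['user_login'] ));
+        if ( !$update && isset( $_POST['user_login'] ) )
+                $user->user_login = sanitize_user($userdata['user_login'], true);
 
         $pass1 = $pass2 = '';
         if ( isset( $_POST['pass1'] ))
@@ -74,62 +75,55 @@
                 $pass2 = $_POST['pass2'];
 
         if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
-
+                $new_role = sanitize_text_field( $_POST['role'] );
                 // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
-                if( $user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap( 'edit_users' ))
-                        $user->role = $_POST['role'];
+                if( $user_id != $current_user->id || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ))
+                        $user->role = $new_role;
 
                 // If the new role isn't editable by the logged-in user die with error
                 $editable_roles = get_editable_roles();
-                if (!$editable_roles[$_POST['role']])
+                if ( !$editable_roles[$new_role] )
                         wp_die(__('You can&#8217;t give users that role.'));
         }
 
         if ( isset( $_POST['email'] ))
-                $user->user_email = esc_html( trim( $_POST['email'] ));
+                $user->user_email = sanitize_text_field( $_POST['email'] );
         if ( isset( $_POST['url'] ) ) {
                 if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
                         $user->user_url = '';
                 } else {
-                        $user->user_url = esc_url( trim( $_POST['url'] ));
+                        $user->user_url = sanitize_url( $_POST['url'] );
                         $user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
                 }
         }
-        if ( isset( $_POST['first_name'] ))
-                $user->first_name = esc_html( trim( $_POST['first_name'] ));
-        if ( isset( $_POST['last_name'] ))
-                $user->last_name = esc_html( trim( $_POST['last_name'] ));
-        if ( isset( $_POST['nickname'] ))
-                $user->nickname = esc_html( trim( $_POST['nickname'] ));
-        if ( isset( $_POST['display_name'] ))
-                $user->display_name = esc_html( trim( $_POST['display_name'] ));
-        if ( isset( $_POST['description'] ))
+        if ( isset( $_POST['first_name'] ) )
+                $user->first_name = sanitize_text_field( $_POST['first_name'] );
+        if ( isset( $_POST['last_name'] ) )
+                $user->last_name = sanitize_text_field( $_POST['last_name'] );
+        if ( isset( $_POST['nickname'] ) )
+                $user->nickname = sanitize_text_field( $_POST['nickname'] );
+        if ( isset( $_POST['display_name'] ) )
+                $user->display_name = sanitize_text_field( $_POST['display_name'] );
+
+        if ( isset( $_POST['description'] ) )
                 $user->description = trim( $_POST['description'] );
-        $user_contactmethods = _wp_get_user_contactmethods();
-        foreach ($user_contactmethods as $method => $name) {
+
+        foreach ( _wp_get_user_contactmethods() as $method => $name ) {
                 if ( isset( $_POST[$method] ))
-                        $user->$method = esc_html( trim( $_POST[$method] ) );
+                        $user->$method = sanitize_text_field( $_POST[$method] );
         }
-        if ( !$update )
-                $user->rich_editing = 'true';  // Default to true for new users.
-        else if ( isset( $_POST['rich_editing'] ) )
-                $user->rich_editing = $_POST['rich_editing'];
-        else
-                $user->rich_editing = 'true';
 
-        $user->comment_shortcuts = isset( $_POST['comment_shortcuts'] )? $_POST['comment_shortcuts'] : '';
+        if ( $update ) {
+                $user->rich_editing = isset( $_POST['rich_editing'] ) && 'false' == $_POST['rich_editing'] ? 'false' : 'true';
+                $user->admin_color = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh';
+        }
 
+        $user->comment_shortcuts = isset( $_POST['comment_shortcuts'] ) && 'true' == $_POST['comment_shortcuts'] ? 'true' : '';
+
         $user->use_ssl = 0;
         if ( !empty($_POST['use_ssl']) )
                 $user->use_ssl = 1;
 
-        if ( !$update )
-                $user->admin_color = 'fresh';  // Default to fresh for new users.
-        else if ( isset( $_POST['admin_color'] ) )
-                $user->admin_color = $_POST['admin_color'];
-        else
-                $user->admin_color = 'fresh';
-
         $errors = new WP_Error();
 
         /* checking that username has been typed */
@@ -159,34 +153,34 @@
         if ( $pass1 != $pass2 )
                 $errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in the two password fields.' ), array( 'form-field' => 'pass1' ) );
 
-        if (!empty ( $pass1 ))
+        if ( !empty( $pass1 ) )
                 $user->user_pass = $pass1;
 
         if ( !$update && !validate_username( $user->user_login ) )
                 $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid. Please enter a valid username.' ));
 
-        if (!$update && username_exists( $user->user_login ))
+        if ( !$update && username_exists( $user->user_login ) )
                 $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));
 
         /* checking e-mail address */
-        if ( empty ( $user->user_email ) ) {
+        if ( empty( $user->user_email ) ) {
                 $errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please enter an e-mail address.' ), array( 'form-field' => 'email' ) );
-        } elseif (!is_email( $user->user_email ) ) {
+        } elseif ( !is_email( $user->user_email ) ) {
                 $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The e-mail address isn&#8217;t correct.' ), array( 'form-field' => 'email' ) );
         } elseif ( ( $owner_id = email_exists($user->user_email) ) && $owner_id != $user->ID ) {
                 $errors->add( 'email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'), array( 'form-field' => 'email' ) );
         }
 
-        // Allow plugins to return there own errors.
+        // Allow plugins to return their own errors.
         do_action_ref_array('user_profile_update_errors', array ( &$errors, $update, &$user ) );
 
         if ( $errors->get_error_codes() )
                 return $errors;
 
         if ( $update ) {
-                $user_id = wp_update_user( get_object_vars( $user ));
+                $user_id = wp_update_user( get_object_vars( $user ) );
         } else {
-                $user_id = wp_insert_user( get_object_vars( $user ));
+                $user_id = wp_insert_user( get_object_vars( $user ) );
                 wp_new_user_notification( $user_id, isset($_POST['send_password']) ? $pass1 : '' );
         }
         return $user_id;
@@ -370,21 +364,18 @@
  */
 function get_user_to_edit( $user_id ) {
         $user = new WP_User( $user_id );
-        $user->user_login   = esc_attr($user->user_login);
-        $user->user_email   = esc_attr($user->user_email);
-        $user->user_url     = esc_url($user->user_url);
-        $user->first_name   = esc_attr($user->first_name);
-        $user->last_name    = esc_attr($user->last_name);
-        $user->display_name = esc_attr($user->display_name);
-        $user->nickname     = esc_attr($user->nickname);
 
         $user_contactmethods = _wp_get_user_contactmethods();
         foreach ($user_contactmethods as $method => $name) {
-                $user->{$method} = isset( $user->{$method} ) && !empty( $user->{$method} ) ? esc_attr($user->{$method}) : '';
+                if ( empty( $user->{$method} ) )
+                        $user->{$method} = '';
         }
-        
-        $user->description  = isset( $user->description ) && !empty( $user->description ) ? esc_html($user->description) : '';
 
+        if ( empty($user->description) )
+                $user->description = '';
+
+        $user = sanitize_user_object($user, 'edit');
+
         return $user;
 }
 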
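Review bot: In hunk @@ -64,8 +65,8 the guard tests `$_POST['user_login']` but the assignment reads `$userdata['user_login']`, and no `$userdata` is defined in any visible hunk, so on a new-user submission the login is likely taken from an undefined index (PHP notice, empty login) and then rejected by validate_username(); the line should read `$user->user_login = sanitize_user( $_POST['user_login'], true );`. In hunks @@ -25 and @@ -74 `$wp_roles->role_objects[$new_role]->has_cap( 'edit_users' )` still dereferences the array without checking the key, so a role name that does not exist produces a fatal call on a non-object instead of reaching the wp_die() path; add `if ( !isset( $wp_roles->role_objects[$new_role] ) ) wp_die(__('You can&#8217;t give users that role.'));` before that check in both places. In get_user_to_edit() (hunk @@ -370) the explicit esc_attr()/esc_url() calls on user_login, user_email and user_url are replaced by `sanitize_user_object($user, 'edit')`, and no 'edit' context filters appear in this changeset, so attribute escaping of those fields now depends on filters defined elsewhere; confirm they exist, or keep esc_attr() at the form fields. The function containing the first four hunks starts before the first hunk.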
<a id="trunkwpadminusereditphp"></a>
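--- a/trunk/wp-admin/user-edit.php
+++ b/trunk/wp-admin/user-edit.php
@@ -284,7 +284,7 @@
 <table class="form-table">
 <tr>
         <th><label for="description"><?php _e('Biographical Info'); ?></label></th>
-        <td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description ?></textarea><br />
+        <td><textarea name="description" id="description" rows="5" cols="30"><?php echo esc_html($profileuser->description); ?></textarea><br />
         <span class="description"><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?></span></td>
 </tr>
 
@@ -311,16 +311,17 @@
         }
 ?>
 
-<?php if (count($profileuser->caps) > count($profileuser->roles) && apply_filters('additional_capabilities_display', true, $profileuser)): ?>
+<?php if ( count($profileuser->caps) > count($profileuser->roles) && apply_filters('additional_capabilities_display', true, $profileuser) ) { ?>
 <br class="clear" />
         <table width="99%" style="border: none;" cellspacing="2" cellpadding="3" class="editform">
                 <tr>
                         <th scope="row"><?php _e('Additional Capabilities') ?></th>
                         <td><?php
                         $output = '';
-                        foreach($profileuser->caps as $cap => $value) {
-                                if(!$wp_roles->is_role($cap)) {
-                                        if($output != '') $output .= ', ';
+                        foreach ( $profileuser->caps as $cap => $value ) {
+                                if ( !$wp_roles->is_role($cap) ) {
+                                        if ( $output != '' )
+                                                $output .= ', ';
                                         $output .= $value ? $cap : "Denied: {$cap}";
                                 }
                         }
@@ -328,7 +329,7 @@
                         ?></td>
                 </tr>
         </table>
-<?php endif; ?>
+<?php } ?>
 
 <p class="submit">
         <input type="hidden" name="action" value="update" />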
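Review bot: In hunk @@ -311 the capability key `$cap` is concatenated into `$output` unescaped (`$output .= $value ? $cap : "Denied: {$cap}";`), and `$output` is presumably echoed in the lines between this hunk and `?></td>`, which are not shown. Capability names come from user meta rather than the request, but plugins write arbitrary strings there, so escaping at the point of assembly is cheap: `$output .= $value ? esc_html( $cap ) : 'Denied: ' . esc_html( $cap );`. The PHP block continues past the hunk.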
<a id="trunkwpadminusersphp"></a>
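--- a/trunk/wp-admin/users.php
+++ b/trunk/wp-admin/users.php
@@ -385,14 +385,6 @@
 </form>
 </div>
 
-<?php
-        foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) {
-                $var = 'new_' . $var;
-                $$var = isset($_REQUEST[$formpost]) ? esc_attr(stripslashes($_REQUEST[$formpost])) : '';
-        }
-        unset($name);
-?>
-
 <br class="clear" />
 <?php
 break;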
<a id="trunkwpincludescapabilitiesphp"></a>
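--- a/trunk/wp-includes/capabilities.php
+++ b/trunk/wp-includes/capabilities.php
@@ -449,6 +449,15 @@
         var $last_name = '';
 
         /**
+         * The filter context applied to user data fields.
+         *
+         * @since 2.9.0
+         * @access private
+         * @var string
+         */
+        var $filter = null;
+
+        /**
          * PHP4 Constructor - Sets up the object properties.
          *
          * Retrieves the userdata and then assigns all of the data keys to direct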
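Review bot: The docblock for the new `$filter` property says `@access private` and `@var string`, but the `var` declaration makes it public and its default is null, so the comment overstates both the visibility and the type. The property appears to be set from outside the class by sanitize_user_object() (its body is not on this page), so `@var string|null` plus a line such as `* Set by sanitize_user_object(); not meant to be assigned by callers.` describes the contract more accurately than private.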
<a id="trunkwpincludesdefaultfiltersphp"></a>
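--- a/trunk/wp-includes/default-filters.php
+++ b/trunk/wp-includes/default-filters.php
@@ -17,19 +17,26 @@
         'pre_link_rel', 'pre_user_display_name', 'pre_user_first_name', 'pre_user_last_name',
         'pre_user_nickname');
 foreach ( $filters as $filter ) {
-        add_filter($filter, 'strip_tags');
-        add_filter($filter, 'trim');
+        add_filter($filter, 'sanitize_text_field');
         add_filter($filter, 'wp_filter_kses');
         add_filter($filter, '_wp_specialchars', 30);
 }
 
-// Kses only for textarea saves
-$filters = array('pre_term_description', 'pre_link_description', 'pre_link_notes', 'pre_user_description');
+// Strip, kses, special chars for string display
+$filters = array('term_name', 'comment_author_name', 'link_name', 'link_target', 'link_rel', 'user_display_name', 'user_first_name', 'user_last_name', 'user_nickname');
 foreach ( $filters as $filter ) {
+        add_filter($filter, 'sanitize_text_field');
         add_filter($filter, 'wp_filter_kses');
+        add_filter($filter, '_wp_specialchars', 30);
 }
 
-// Email
+// Kses only for textarea saves and displays
+$filters = array('pre_term_description', 'term_description', 'pre_link_description', 'link_description', 'pre_link_notes', 'link_notes', 'pre_user_description', 'user_description');
+foreach ( $filters as $filter ) {
+        add_filter($filter, 'wp_filter_kses');
+}
+
+// Email saves
 $filters = array('pre_comment_author_email', 'pre_user_email');
 foreach ( $filters as $filter ) {
         add_filter($filter, 'trim');
@@ -37,12 +44,18 @@
         add_filter($filter, 'wp_filter_kses');
 }
 
+// Email display
+$filters = array('comment_author_email', 'user_email');
+foreach ( $filters as $filter ) {
+        add_filter($filter, 'sanitize_email');
+        add_filter($filter, 'wp_filter_kses');
+}
+
 // Save URL
 $filters = array('pre_comment_author_url', 'pre_user_url', 'pre_link_url', 'pre_link_image',
         'pre_link_rss');
 foreach ( $filters as $filter ) {
-        add_filter($filter, 'strip_tags');
-        add_filter($filter, 'trim');
+        add_filter($filter, 'wp_strip_all_tags');
         add_filter($filter, 'esc_url_raw');
         add_filter($filter, 'wp_filter_kses');
 }
@@ -50,8 +63,7 @@
 // Display URL
 $filters = array('user_url', 'link_url', 'link_image', 'link_rss', 'comment_url');
 foreach ( $filters as $filter ) {
-        add_filter($filter, 'strip_tags');
-        add_filter($filter, 'trim');
+        add_filter($filter, 'wp_strip_all_tags');
         add_filter($filter, 'esc_url');
         add_filter($filter, 'wp_filter_kses');
 }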
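Review bot: The new display groups are the only escaping that consumers of sanitize_user_object('display') receive, and they are not uniform: the `user_description` group applies only wp_filter_kses, so allowed HTML survives, and the `user_email` group omits _wp_specialchars, so neither value is safe inside an HTML attribute without esc_attr() at the output point. A comment on the `// Kses only for textarea saves and displays` group would stop callers from treating the result as fully escaped, e.g. `// Display values may still contain allowed HTML; esc_attr() them before use in an attribute`. In the Display URL group esc_url and wp_filter_kses share the default priority, so they run in registration order and kses re-parses esc_url's already-escaped output; if that ordering is intended, pinning it with an explicit priority (e.g. `add_filter($filter, 'wp_filter_kses', 20);`) keeps it stable against later add_filter() calls. Any plugin can remove_filter() these hooks, so templates should not rely on them as their sole escaping.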
<a id="trunkwpincludesformattingphp"></a>
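--- a/trunk/wp-includes/formatting.php
+++ b/trunk/wp-includes/formatting.php
@@ -628,7 +628,7 @@
  */
 function sanitize_user( $username, $strict = false ) {
         $raw_username = $username;
-        $username = strip_tags($username);
+        $username = wp_strip_all_tags($username);
         // Kill octets
         $username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username);
         $username = preg_replace('/&.+?;/', '', $username); // Kill entities
@@ -2245,7 +2245,6 @@
         $safe_text = wp_check_invalid_utf8( $text );
         $safe_text = _wp_specialchars( $safe_text, ENT_QUOTES );
         return apply_filters( 'esc_html', $safe_text, $text );
-        return $text;
 }
 
 /**
@@ -2601,7 +2600,7 @@
  * @return string The excerpt.
  */
 function wp_html_excerpt( $str, $count ) {
-        $str = strip_tags( $str );
+        $str = wp_strip_all_tags( $str, true );
         $str = mb_substr( $str, 0, $count );
         // remove part of an entity at the end
         $str = preg_replace( '/&[^;\s]{0,6}$/', '', $str );
@@ -2668,6 +2667,7 @@
                         create_function('$m', 'return _links_add_target($m, "' . $target . '");'),
                         $content);
 }
+
 /**
  * Callback to add a target attribute to all links in passed content.
  *
@@ -2692,4 +2692,54 @@
         return $str;
 }
 
+/**
+ * Properly strip all HTML tags including script and style
+ *
+ * @since 2.9.0
+ *
+ * @param string $string String containing HTML tags
+ * @param bool $remove_breaks optional Whether to remove left over line breaks and white space chars
+ * @return string The processed string.
+ */
+function wp_strip_all_tags($string, $remove_breaks = false) {
+        $string = preg_replace( '@<(script|style)[^>]*?>.*?</\\1>@si', '', $string );
+        $string = strip_tags($string);
+
+        if ( $remove_breaks )
+                $string = preg_replace('/\s+/', ' ', $string);
+
+        return trim($string);
+}
+
+/**
+ * Sanitize a string from user input or from the db
+ *
+ * check for invalid UTF-8,
+ * Convert single < characters to entity,
+ * strip all tags,
+ * remove line breaks, tabs and extra whitre space,
+ * strip octets.
+ *
+ * @since 2.9
+ *
+ * @param string $str
+ * @return string
+ */
+function sanitize_text_field($str) {
+        $filtered = wp_check_invalid_utf8( $str );
+
+        if ( strpos($filtered, '<') !== false ) {
+                $filtered = wp_pre_kses_less_than( $filtered );
+                $filtered = wp_strip_all_tags( $filtered, true );
+        } else {
+                 $filtered = trim( preg_replace('/\s+/', ' ', $filtered) );
+        }
+
+        $match = array();
+        while ( preg_match('/%[a-f0-9]{2}/i', $filtered, $match) )
+                $filtered = str_replace($match[0], '', $filtered);
+
+        return apply_filters('sanitize_text_field', $filtered, $str);
+}
+
 ?>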
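Review bot: The docblocks of the two functions added in the last hunk do not say what their output is safe for, and a reader of `sanitize_text_field` could take "sanitize" to mean HTML-escaped: wp_strip_all_tags() ends in strip_tags(), which removes markup but encodes nothing, and sanitize_text_field() only entity-encodes a lone `<` through wp_pre_kses_less_than(), so both results still need esc_html()/esc_attr() at the output point. A return note such as `@return string The processed string. Not HTML-escaped; escape before output.` on both functions would make that explicit. The script/style regex in wp_strip_all_tags() matches only a block with its closing tag, so an unterminated `<script>` loses just its opening tag and its body remains as text; worth stating in the docblock as well. Minor: "whitre" should be "white", and `@since 2.9` should read `@since 2.9.0` to match wp_strip_all_tags().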
<a id="trunkwpincludesregistrationphp"></a>
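--- a/trunk/wp-includes/registration.php
+++ b/trunk/wp-includes/registration.php
@@ -169,7 +169,7 @@
 
         $user_nicename_check = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1" , $user_nicename, $user_login));
 
-        if ($user_nicename_check) {
+        if ( $user_nicename_check ) {
                 $suffix = 2;
                 while ($user_nicename_check) {
                         $alt_user_nicename = $user_nicename . "-$suffix";
@@ -198,10 +198,11 @@
         update_usermeta( $user_id, 'comment_shortcuts', $comment_shortcuts);
         update_usermeta( $user_id, 'admin_color', $admin_color);
         update_usermeta( $user_id, 'use_ssl', $use_ssl);
-        foreach (_wp_get_user_contactmethods() as $method => $name) {
+
+        foreach ( _wp_get_user_contactmethods() as $method => $name ) {
                 if ( empty($$method) )
                         $$method = '';
-                
+
                 update_usermeta( $user_id, $method, $$method );
         }
 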
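--- a/trunk/wp-includes/user.php
+++ b/trunk/wp-includes/user.php
@@ -617,4 +617,121 @@
         wp_cache_add($user->user_nicename, $user->ID, 'userslugs');
 }
 
+/**
+ * Sanitize every user field.
+ *
+ * If the context is 'raw', then the user object or array will get minimal santization of the int fields.
+ *
+ * @since 2.3.0
+ * @uses sanitize_user_field() Used to sanitize the fields.
+ *
+ * @param object|array $user The User Object or Array
+ * @param string $context Optional, default is 'display'. How to sanitize user fields.
+ * @return object|array The now sanitized User Object or Array (will be the same type as $user)
+ */
+function sanitize_user_object($user, $context = 'display') {
+        if ( is_object($user) ) {
+                if ( !isset($user->ID) )
+                        $user->ID = 0;
+                if ( isset($user->data) )
+                        $vars = get_object_vars( $user->data );
+                else
+                        $vars = get_object_vars($user);
+                foreach ( array_keys($vars) as $field ) {
+                        if ( is_array($user->$field) )
+                                continue;
+                        $user->$field = sanitize_user_field($field, $user->$field, $user->ID, $context);
+                }
+                $user->filter = $context;
+        } else {
+                if ( !isset($user['ID']) )
+                        $user['ID'] = 0;
+                foreach ( array_keys($user) as $field )
+                        $user[$field] = sanitize_user_field($field, $user[$field], $user['ID'], $context);
+                $user['filter'] = $context;
+        }
+
+        return $user;
+}
+
+/**
+ * Sanitize user field based on context.
+ *
+ * Possible context values are:  'raw', 'edit', 'db', 'display', 'attribute' and 'js'. The
+ * 'display' context is used by default. 'attribute' and 'js' contexts are treated like 'display'
+ * when calling filters.
+ *
+ * @since 2.3.0
+ * @uses apply_filters() Calls 'edit_$field' and '${field_no_prefix}_edit_pre' passing $value and
+ *  $user_id if $context == 'edit' and field name prefix == 'user_'.
+ *
+ * @uses apply_filters() Calls 'edit_user_$field' passing $value and $user_id if $context == 'db'.
+ * @uses apply_filters() Calls 'pre_$field' passing $value if $context == 'db' and field name prefix == 'user_'.
+ * @uses apply_filters() Calls '${field}_pre' passing $value if $context == 'db' and field name prefix != 'user_'.
+ *
+ * @uses apply_filters() Calls '$field' passing $value, $user_id and $context if $context == anything
+ *  other than 'raw', 'edit' and 'db' and field name prefix == 'user_'.
+ * @uses apply_filters() Calls 'user_$field' passing $value if $context == anything other than 'raw',
+ *  'edit' and 'db' and field name prefix != 'user_'.
+ *
+ * @param string $field The user Object field name.
+ * @param mixed $value The user Object value.
+ * @param int $user_id user ID.
+ * @param string $context How to sanitize user fields. Looks for 'raw', 'edit', 'db', 'display',
+ *               'attribute' and 'js'.
+ * @return mixed Sanitized value.
+ */
+function sanitize_user_field($field, $value, $user_id, $context) {
+        $int_fields = array('ID');
+        if ( in_array($field, $int_fields) )
+                $value = (int) $value;
+
+        if ( 'raw' == $context )
+                return $value;
+
+        if ( is_array($value) )
+                return $value;
+
+        $prefixed = false;
+        if ( false !== strpos($field, 'user_') ) {
+                $prefixed = true;
+                $field_no_prefix = str_replace('user_', '', $field);
+        }
+
+        if ( 'edit' == $context ) {
+                if ( $prefixed ) {
+                        $value = apply_filters("edit_$field", $value, $user_id);
+                } else {
+                        $value = apply_filters("edit_user_$field", $value, $user_id);
+                }
+
+                if ( 'description' == $field )
+                        $value = esc_html($value);
+                else
+                        $value = esc_attr($value);
+        } else if ( 'db' == $context ) {
+                if ( $prefixed ) {
+                        $value = apply_filters("pre_$field", $value);
+                } else {
+                        $value = apply_filters("pre_user_$field", $value);
+                }
+        } else {
+                // Use display filters by default.
+                if ( $prefixed )
+                        $value = apply_filters($field, $value, $user_id, $context);
+                else
+                        $value = apply_filters("user_$field", $value, $user_id, $context);
+        }
+
+        if ( 'user_url' == $field )
+                $value = esc_url($value);
+
+        if ( 'attribute' == $context )
+                $value = esc_attr($value);
+        else if ( 'js' == $context )
+                $value = esc_js($value);
+
+        return $value;
+}
+
 ?>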
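Review bot: The prefix test `if ( false !== strpos($field, 'user_') )` in sanitize_user_field matches `user_` anywhere in the field name, not only as a prefix as the docblock states, so any field whose name merely contains `user_` is routed through the `edit_$field`/`pre_$field`/`$field` filters instead of the `edit_user_$field`/`pre_user_$field`/`user_$field` ones; `if ( 0 === strpos($field, 'user_') ) {` is the intended check. The `$field_no_prefix` assigned on the following line is never read and can be dropped. The docblock also lists filters the body never fires — `'${field_no_prefix}_edit_pre'`, `'${field}_pre'`, and `'edit_user_$field'` under the 'db' context — while the code actually fires `pre_$field`/`pre_user_$field` for 'db' and `edit_$field`/`edit_user_$field` for 'edit'; the @uses lines should be rewritten to match the code. Since the default branch relies entirely on filters hooked elsewhere, the docblock should say explicitly that in the 'display' context a field with no registered filter is returned without escaping, and that only 'edit', 'attribute' and 'js' escape unconditionally.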
</div>

</body>
</html>