[wp-testers] RE: wp_kses kills <!--more--> tags from xmlrpc posted entries

Owen Winkler ringmaster at midnightcircus.com
Fri Dec 23 14:12:39 GMT 2005


Andy Skelton wrote:
> On 12/22/05, Toby Simmons <toby at simmonsconsulting.com> wrote:
> 
>>+       if (preg_match('%^<!--[^>-]+-->$%', $string))
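Review bot: the body class `[^>-]+` in this preg_match excludes every hyphen and every `>`, and the `+` requires at least one character, so a comment with hyphenated text, an inner `>`, or an empty body is not recognised as a comment. The closing `$` also matches before a trailing newline unless the `D` modifier or `\z` is used, so a token ending in `-->` plus a newline passes the check; consider a body that stops at the first `-->` and an end anchor of `\z`.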
> 
> 
> This will not match comments such as this:
> <!--my-awesome-comment-->

Even worse, it won't match comments like this:
<!-- my-awesome-comment > your-awesome-comment -->

Because the > in the middle of the comment causes wp_kses_split() to 
send only "<!--my-awesome-comment >" on to wp_kses_split2().  Yuck.

Better to replace the regex in wp_kses_split() to handle comments correctly:

(<!--.*?-->)|(<[^>]*(>|$)|>)

Note that the order of these match groups is important, because it 
should attempt to match comments first before erroneously matching 
greater-thans inside the comment.

After that, change Toby's regex to properly check for comments with 
anything inside:

^<!--.*-->$

I didn't test any of this in code, but it runs well in my regex checker.
Toby, try refactoring with these changes and see if that works better.
(Regexes provided here are without delimiters or escaping, if required.)

Owen
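
The splitting behaviour discussed in this message, as an added example that is not part of the original post and is not WordPress code. It compares the tokens produced with and without the comment alternative and shows why its position matters. Assumptions: the pre-change splitter is taken to be the second alternative of the proposed regex, `tokens()` is a hypothetical helper, the `%` delimiters and the `s` modifier are additions, and the sample inputs are constructed.

```php
<?php
// Added illustration, not WordPress code. tokens() is a hypothetical helper
// that returns the pieces a splitter pattern would hand to the per-tag filter.
function tokens(string $pattern, string $html): array {
    preg_match_all($pattern, $html, $m);
    return $m[0];
}

// Assumed pre-change splitter: the second alternative of the proposed regex.
const OLD_SPLIT = '%<[^>]*(>|$)|>%';
// Proposed splitter from the message, comment alternative first. The s
// modifier is an addition here so that .*? also spans multi-line comments.
const NEW_SPLIT = '%(<!--.*?-->)|(<[^>]*(>|$)|>)%s';
// Same alternatives in the wrong order, to show why order matters.
const SWAPPED   = '%(<[^>]*(>|$)|>)|(<!--.*?-->)%s';

// Token-level comment checks: the patch's original and the proposed replacement.
const TOBY_CHECK = '%^<!--[^>-]+-->$%';
const OWEN_CHECK = '%^<!--.*-->$%s';

// Constructed sample inputs.
$samples = [
    '<!--more-->',
    '<!--my-awesome-comment-->',
    '<!-- my-awesome-comment > your-awesome-comment -->',
    '<p>a</p><!-- x > y --><b>c</b>',
];

foreach ($samples as $html) {
    echo "input: $html\n";
    foreach (['old' => OLD_SPLIT, 'new' => NEW_SPLIT, 'swapped' => SWAPPED] as $name => $re) {
        echo "  $name split: ", json_encode(tokens($re, $html), JSON_UNESCAPED_SLASHES), "\n";
    }
    // Apply both comment checks to the first token the new splitter produces.
    $first = tokens(NEW_SPLIT, $html)[0];
    printf("  first token %s: toby=%d owen=%d\n", $first,
        preg_match(TOBY_CHECK, $first), preg_match(OWEN_CHECK, $first));
}
```

With the swapped pattern the tag alternative wins at the `<` of the comment, so the output is the same as the old splitter: the comment is cut at its first inner `>`.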


