sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use CDATA escaping on fields. Props tellyworth. fixes #4452 

git-svn-id: https://develop.svn.wordpress.org/trunk@5711 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2007-06-15 17:22:38 +00:00
parent 6da4a34496
commit 2383b46194
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/export.php
View File

@ -131,7 +131,7 @@ print '<?xml version="1.0" encoding="' . get_bloginfo('charset') . '"?' . ">\n";
This is a WordPress eXtended RSS file generated by WordPress as an export of
your blog. It contains information about your blog's posts, comments, and
categories. You may use this file to transfer that content from one site to
another. This file is not intended to serve as a complete backup of your
another. This file is not intended to serve as a complete backup of your
blog.
To import this information into a WordPress blog follow these steps:
@ -203,7 +203,7 @@ $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post
if ( $comments ) { foreach ( $comments as $c ) { ?>
<wp:comment>
<wp:comment_id><?php echo $c->comment_ID; ?></wp:comment_id>
<wp:comment_author><?php echo $c->comment_author; ?></wp:comment_author>
<wp:comment_author><?php echo wxr_cdata($c->comment_author); ?></wp:comment_author>
<wp:comment_author_email><?php echo $c->comment_author_email; ?></wp:comment_author_email>
<wp:comment_author_url><?php echo $c->comment_author_url; ?></wp:comment_author_url>
<wp:comment_author_IP><?php echo $c->comment_author_IP; ?></wp:comment_author_IP>

6
wp-admin/import/wordpress.php
View File

@ -37,7 +37,8 @@ class WP_Import {
function get_tag( $string, $tag ) {
global $wpdb;
preg_match("|<$tag.*?>(.*?)</$tag>|is", $string, $return);
$return = $wpdb->escape( trim( $return[1] ) );
$return = preg_replace('|<!\[CDATA\[(.*)\]\]>|', '$1', $return[1]);
$return = $wpdb->escape( trim( $return ) );
return $return;
}
@ -215,7 +216,7 @@ class WP_Import {
$cat_names = (array) $wpdb->get_col("SELECT cat_name FROM $wpdb->categories");
while ( $c = array_shift($this->categories) ) {
$cat_name = trim(str_replace(array ('<![CDATA[', ']]>'), '', $this->get_tag( $c, 'wp:cat_name' )));
$cat_name = trim($this->get_tag( $c, 'wp:cat_name' ));
// If the category exists we leave it alone
if ( in_array($cat_name, $cat_names) )
@ -274,7 +275,6 @@ class WP_Import {
$post_author = $this->get_tag( $post, 'dc:creator' );
$post_content = $this->get_tag( $post, 'content:encoded' );
$post_content = str_replace(array ('<![CDATA[', ']]>'), '', $post_content);
$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
$post_content = str_replace('<br>', '<br />', $post_content);
$post_content = str_replace('<hr>', '<hr />', $post_content);