From a4912dccf276c7d6e3ef5c997fd2e4e4a760b18f Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Tue, 17 Nov 2009 19:25:01 +0000
Subject: [PATCH] Use preg_replace_callback to eliminate eval. Props BenBE1987.
 fixes #10896

git-svn-id: https://develop.svn.wordpress.org/trunk@12198 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/includes/post.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php
index 75dee30fe5..7dc3c2a2e9 100644
--- a/wp-admin/includes/post.php
+++ b/wp-admin/includes/post.php
@@ -713,6 +713,7 @@ function update_meta( $meta_id, $meta_key, $meta_value ) {
  * @return unknown
  */
 function _fix_attachment_links( $post_ID ) {
+	global $_fix_attachment_link_id;
 
 	$post = & get_post( $post_ID, ARRAY_A );
 
@@ -740,7 +741,8 @@ function _fix_attachment_links( $post_ID ) {
 		}
 
 		$post_search[$i] = $anchor;
-		$post_replace[$i] = preg_replace( "#href=(\"|')[^'\"]*\\1#e", "stripslashes( 'href=\\1' ).get_attachment_link( $id ).stripslashes( '\\1' )", $anchor );
+		 $_fix_attachment_link_id = $id;
+		$post_replace[$i] = preg_replace_callback( "#href=(\"|')[^'\"]*\\1#", '_fix_attachment_links_replace_cb', $anchor );
 		++$i;
 	}
 
@@ -752,6 +754,11 @@ function _fix_attachment_links( $post_ID ) {
 	return wp_update_post( $post);
 }
 
+function _fix_attachment_links_replace_cb($match) {
+        global $_fix_attachment_link_id;
+        return stripslashes( 'href='.$m[1] ).get_attachment_link( $_fix_attachment_link_id ).stripslashes( $m[1] );
+}
+
 /**
  * Move child posts to a new parent.
  *