js_escape improvements from Alexander Concha. Catches &#39 &#039 ' ' ' &#X000027; &#x000027 etc.

git-svn-id: https://develop.svn.wordpress.org/trunk@5734 602fd350-edb4-49c9-b593-d223f7449a82
2007-06-19 22:46:55 +00:00 · 2007-06-19 22:46:55 +00:00 · d907ae8841
parent a4d31e4b3d
commit d907ae8841
1 changed files with 1 additions and 1 deletions
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@ -1105,7 +1105,7 @@ function htmlentities2($myHTML) {
 // Escape single quotes, specialchar double quotes, and fix line endings.
 function js_escape($text) {
 	$safe_text = wp_specialchars($text, 'double');
-	$safe_text = str_replace('&#039;', "'", $safe_text);
+	$safe_text = preg_replace('/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes($safe_text));
 	$safe_text = preg_replace("/\r?\n/", "\\n", addslashes($safe_text));
 	return apply_filters('js_escape', $safe_text, $text);
 }