author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-05-21 18:37:58 +0000 |
---|---|---|
committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-05-21 18:37:58 +0000 |
commit | 89fe0ff804e7c6497ebacc8b341ac89974f6f255 (patch) | |
tree | 3fce310b29c685008fdbb75c5ab531bc3a6ae12a /wp-includes/theme.php | |
parent | a139071806ba941346a109fbefb2d5f22bae1cc4 (diff) | |
WP Merge to rev 5499, this is a big one! Test it before you put it live!
Test only, not for production use yet
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@972 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-includes/theme.php')
-rw-r--r-- | wp-includes/theme.php | 46 |
1 files changed, 32 insertions, 14 deletions
diff --git a/wp-includes/theme.php b/wp-includes/theme.php index 2a7ac8c..c251935 100644 --- a/wp-includes/theme.php +++ b/wp-includes/theme.php @@ -56,6 +56,21 @@ function get_template_directory_uri() { } function get_theme_data( $theme_file ) { + $themes_allowed_tags = array( + 'a' => array( + 'href' => array(),'title' => array() + ), + 'abbr' => array( + 'title' => array() + ), + 'acronym' => array( + 'title' => array() + ), + 'code' => array(), + 'em' => array(), + 'strong' => array() + ); + $theme_data = implode( '', file( $theme_file ) ); $theme_data = str_replace ( '\r', '\n', $theme_data ); preg_match( '|Theme Name:(.*)|i', $theme_data, $theme_name ); 
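Review bot: The context line `$theme_data = str_replace ( '\r', '\n', $theme_data );` at the end of this hunk uses single-quoted strings, so PHP replaces the literal two-character sequence backslash-r rather than a carriage return, and line endings are never normalised. This matters more now that the header fields are filtered and shown: each `(.*)` capture ends only at a real newline, so in a theme file with CR-only line endings a capture would presumably run through the rest of the file before it reaches `wp_kses()`. Use double quotes, `str_replace( "\r", "\n", $theme_data )`. The body of get_theme_data() continues past this hunk.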
@@ -64,26 +79,28 @@ function get_theme_data( $theme_file ) { preg_match( '|Author:(.*)|i', $theme_data, $author_name ); preg_match( '|Author URI:(.*)|i', $theme_data, $author_uri ); preg_match( '|Template:(.*)|i', $theme_data, $template ); + if ( preg_match( '|Version:(.*)|i', $theme_data, $version ) ) - $version = trim( $version[1] ); + $version = wp_kses( trim( $version[1] ), $themes_allowed_tags ); else - $version =''; + $version = ''; + if ( preg_match('|Status:(.*)|i', $theme_data, $status) ) - $status = trim($status[1]); + $status = wp_kses( trim( $status[1] ), $themes_allowed_tags ); else $status = 'publish'; - - $description = wptexturize( trim( $description[1] ) ); - - $name = $theme_name[1]; - $name = trim( $name ); - $theme = $name; - $theme_uri = trim( $theme_uri[1] ); - - if ( '' == $author_uri[1] ) { - $author = trim( $author_name[1] ); + + $name = $theme = wp_kses( trim( $theme_name[1] ), $themes_allowed_tags ); + $theme_uri = clean_url( trim( $theme_uri[1] ) ); + $description = wptexturize( wp_kses( trim( $description[1] ), $themes_allowed_tags ) ); + $template = wp_kses( trim( $template[1] ), $themes_allowed_tags ); + + $author_uri = clean_url( trim( $author_uri[1] ) ); + + if ( empty( $author_uri[1] ) ) { + $author = wp_kses( trim( $author_name[1] ), $themes_allowed_tags ); } else { - $author = '<a href="' . trim( $author_uri[1] ) . '" title="' . __('Visit author homepage') . '">' . trim( $author_name[1] ) . '</a>'; + $author = sprintf( '<a href="%1$s" title="%2$s">%3$s</a>', $author_uri, __( 'Visit author homepage' ), wp_kses( trim( $author_name[1] ), $themes_allowed_tags ) ); } return array( 'Name' => $name, 'Title' => $theme, 'URI' => $theme_uri, 'Description' => $description, 'Author' => $author, 'Version' => $version, 'Template' => $template[1], 'Status' => $status ); 
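Review bot: `$author_uri` and `$template` are reassigned from the `preg_match()` match arrays to sanitised strings, but two later lines still index them with `[1]`, which on a string yields its second character. `if ( empty( $author_uri[1] ) )` therefore tests one character of the cleaned URL instead of whether a URL was supplied, and the unchanged return line's `'Template' => $template[1]` hands callers a single character rather than the template name; the next hunk shows get_themes() reading `$theme_data['Template']`. Change them to `if ( empty( $author_uri ) ) {` and `'Template' => $template`. get_theme_data() starts before this hunk, so the earlier `preg_match()` calls for the description and theme URI are not visible here.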
@@ -163,6 +180,7 @@ function get_themes() { $template = $theme_data['Template']; $stylesheet = dirname($theme_file); + $screenshot = false; foreach ( array('png', 'gif', 'jpg', 'jpeg') as $ext ) { if (file_exists("$theme_root/$stylesheet/screenshot.$ext")) { $screenshot = "screenshot.$ext"; |
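Review bot: The added `$screenshot = false;` deserves a one-line comment, because its purpose is not visible in the hunk; something like `// Reset so a theme without a screenshot file does not keep a value set earlier.` would do. That reading assumes this code runs once per theme, which cannot be confirmed here because the enclosing loop in get_themes() is outside the hunk. The `foreach` over the extensions is also cut off, so whether it stops at the first matching file cannot be checked from this view.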