From c70879e5ec9f0fed681e947a61580a7d2d6d97a2 Mon Sep 17 00:00:00 2001
From: Weston Ruter
Date: Wed, 25 Apr 2018 17:41:43 -0700
Subject: [PATCH] Prevent Kses from corrupting JSON in term_description
---
 includes/utils/class-amp-validation-utils.php | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/includes/utils/class-amp-validation-utils.php b/includes/utils/class-amp-validation-utils.php
index 0783812f701..54dffc75f65 100644
--- a/includes/utils/class-amp-validation-utils.php
+++ b/includes/utils/class-amp-validation-utils.php
@@ -2136,9 +2136,16 @@ public static function handle_validation_error_update( $redirect_to, $action, $t
  }
 
  if ( $term_group ) {
+ $has_pre_term_description_filter = has_filter( 'pre_term_description', 'wp_filter_kses' );
+ if ( false !== $has_pre_term_description_filter ) {
+ remove_filter( 'pre_term_description', 'wp_filter_kses', $has_pre_term_description_filter );
+ }
  foreach ( $term_ids as $term_id ) {
  wp_update_term( $term_id, self::TAXONOMY_SLUG, compact( 'term_group' ) );
  }
+ if ( false !== $has_pre_term_description_filter ) {
+ add_filter( 'pre_term_description', 'wp_filter_kses', $has_pre_term_description_filter );
+ }
  $redirect_to = add_query_arg(
  array(
  'amp_actioned' => $action,
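Review bot: The `add_filter()` restore after the `foreach` in `handle_validation_error_update` only runs on the normal path. If a callback hooked into `wp_update_term()` throws and the exception is caught further up, `wp_filter_kses` stays detached from `pre_term_description` for every later term write in that request, in any taxonomy. The same remove/restore pair is repeated around `wp_insert_term()` in the `store_validation_errors` hunk, so the two copies can drift apart. Consider one private helper that does the removal and restores in a `finally` block (if the plugin's minimum PHP version allows it), e.g. `try { /* term writes */ } finally { add_filter( 'pre_term_description', 'wp_filter_kses', $has_pre_term_description_filter ); }`. Both function bodies extend beyond their hunks, so other term writes inside them are not visible here.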
@@ -2213,7 +2220,14 @@ public static function store_validation_errors( $validation_errors, $url ) {
  // Not using WP_Term_Query since more likely individual terms are cached and wp_insert_term() will itself look at this cache anyway.
  $term = get_term_by( 'slug', $term_slug, self::TAXONOMY_SLUG );
  if ( ! ( $term instanceof WP_Term ) ) {
+ $has_pre_term_description_filter = has_filter( 'pre_term_description', 'wp_filter_kses' );
+ if ( false !== $has_pre_term_description_filter ) {
+ remove_filter( 'pre_term_description', 'wp_filter_kses', $has_pre_term_description_filter );
+ }
  $r = wp_insert_term( $term_slug, self::TAXONOMY_SLUG, wp_slash( compact( 'description' ) ) );
+ if ( false !== $has_pre_term_description_filter ) {
+ add_filter( 'pre_term_description', 'wp_filter_kses', $has_pre_term_description_filter );
+ }
  if ( is_wp_error( $r ) ) {
  continue;
  }
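Review bot: With KSES detached around `wp_insert_term()`, `$description` is stored exactly as it was built, and nothing in this hunk records that the stored value is now unsanitised. If the JSON carries data taken from the validated page (its construction is not visible in this hunk), every reader has to `json_decode()` it and escape the values on output rather than print the term description directly. I would add a comment above the `has_filter()` line such as `// KSES is skipped because the description is JSON; consumers must decode it and escape each value on output.` The body of `store_validation_errors` starts and ends outside the hunk.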