[wp-trac] [WordPress Trac] #10896: preg_replace with eval modifier used in _fix_attachment_links

WordPress Trac wp-trac at lists.automattic.com
Sat Oct 3 21:41:03 UTC 2009


#10896: preg_replace with eval modifier used in _fix_attachment_links
--------------------------+-------------------------------------------------
 Reporter:  westi         |       Owner:  westi      
     Type:  defect (bug)  |      Status:  new        
 Priority:  normal        |   Milestone:  2.9        
Component:  Security      |     Version:  2.8.4      
 Severity:  normal        |    Keywords:  needs-patch
--------------------------+-------------------------------------------------

Comment(by BenBE1987):

 I patched this locally by replacing the eval-modifier preg_replace() call with preg_replace_callback():

 {{{
 //
 // Private
 //

 // Hands the current attachment ID from _fix_attachment_links() to
 // _fix_attachment_links_replaceCB(), which preg_replace_callback() invokes
 // with the match array as its only argument.
 // At file scope this declaration only matters when the file is included
 // from inside a function; otherwise the variable is already global.
 global $_fix_attachment_link_id;
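 /**
  * preg_replace_callback() handler used by _fix_attachment_links().
  *
  * Rebuilds a single href attribute so that it points at the current
  * permalink of the attachment whose ID is held in the global
  * $_fix_attachment_link_id. It replaces the former preg_replace() call
  * with the "e" (eval) modifier, so no text taken from post content is
  * ever evaluated as PHP code.
  *
  * @access private
  *
  * @param array $match Match array from preg_replace_callback(); index 1 is
  *                     the quote character captured by the caller's pattern.
  * @return string The rewritten href attribute, using the same quote character.
  */
 function _fix_attachment_links_replaceCB( $match ) {
         global $_fix_attachment_link_id;

         // The parameter is $match; reading an undefined $m here would drop
         // both quote characters from the rebuilt attribute.
         // stripslashes() is not needed: only the "e" modifier added slashes
         // to backreferences, and a callback receives the raw match.
         return 'href=' . $match[1] . get_attachment_link( $_fix_attachment_link_id ) . $match[1];
 }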

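 /**
  * Replace hrefs of attachment anchors with up-to-date permalinks.
  *
  * Scans the post content for anchors carrying rel="attachment wp-att-N",
  * re-parents any such attachment whose current parent post cannot be
  * loaded, rewrites each anchor's href through
  * _fix_attachment_links_replaceCB(), and saves the post.
  *
  * The href rewrite uses preg_replace_callback() rather than preg_replace()
  * with the "e" modifier, so matched post content is only ever handled as
  * data and never evaluated as PHP code.
  *
  * @since unknown
  * @access private
  *
  * @param int $post_ID ID of the post whose content is scanned.
  * @return mixed Null when the content has no rel="attachment" anchors,
  *               otherwise whatever wp_update_post() returns.
  */
 function _fix_attachment_links( $post_ID ) {
         global $_fix_attachment_link_id;

         $post = & get_post( $post_ID, ARRAY_A );

         // No "e" modifier here: it only ever had meaning for preg_replace(),
         // and leaving it on a match pattern is at best ignored and at worst
         // rejected as an unknown modifier, which would skip every post.
         $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#i";

         // See if we have any rel="attachment" links
         if ( 0 == preg_match_all( $search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER ) )
                 return;

         // Initialised up front so str_replace() below never receives
         // undefined variables when no anchor carries a wp-att-N token.
         $post_search  = array();
         $post_replace = array();

         $i = 0;
         $search = "#[\s]+rel=(\"|')(.*?)wp-att-(\d+)\\1#i";
         foreach ( $anchor_matches[0] as $anchor ) {
                 if ( 0 == preg_match( $search, $anchor, $id_matches ) )
                         continue;

                 // The pattern only captures digits; the cast makes the ID an integer.
                 $id = (int) $id_matches[3];

                 // While we have the attachment ID, let's adopt any orphans.
                 $attachment = & get_post( $id, ARRAY_A );
                 if ( ! empty( $attachment ) && ! is_object( get_post( $attachment['post_parent'] ) ) ) {
                         $attachment['post_parent'] = $post_ID;
                         // Escape data pulled from DB.
                         $attachment = add_magic_quotes( $attachment );
                         wp_update_post( $attachment );
                 }

                 $post_search[$i] = $anchor;
                 // The callback takes only the match array, so the ID travels via the global.
                 $_fix_attachment_link_id = $id;
                 $post_replace[$i] = preg_replace_callback( "#href=(\"|')[^'\"]*\\1#", '_fix_attachment_links_replaceCB', $anchor );
                 ++$i;
         }

         $post['post_content'] = str_replace( $post_search, $post_replace, $post['post_content'] );

         // Escape data pulled from DB.
         $post = add_magic_quotes( $post );

         return wp_update_post( $post );
 }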

 }}}


 Not sure if this fully works.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10896#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

