Exemplo n.º 1
/**
 * Filters content and keeps only allowable HTML elements.
 *
 * Runs $string through a fixed chain of helpers and returns the result of the
 * last one, asc_kses_split(). The intent is that only the allowed HTML element
 * names, attribute names and attribute values, plus only sane HTML entities,
 * remain in the output. Remove any slashes added by PHP's magic quotes before
 * calling this function.
 *
 * According to the original documentation the default allowed protocols are
 * 'http', 'https', 'ftp', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed',
 * 'telnet', 'mms', 'rtsp' and 'svn'; the authoritative list is whatever
 * asc_allowed_protocols() returns. 'javascript' is deliberately absent and
 * should not be allowed for untrusted users, so a caller that passes its own
 * $allowed_protocols must not add it for such content.
 *
 * $allowed_html and $allowed_protocols are the filtering policy. Build them in
 * code or trusted configuration, never from the same untrusted input that is
 * being filtered.
 *
 * @since 1.0.0
 *
 * @param string $string Content to filter through kses
 * @param array $allowed_html List of allowed HTML elements
 * @param array $allowed_protocols Optional. Allowed protocols in links. An
 *                                 empty value selects asc_allowed_protocols().
 * @return string Filtered content with only allowed HTML elements
 */
function asc_kses($string, $allowed_html, $allowed_protocols = array())
{
    // An empty list means "use the defaults", never "allow no protocol".
    $protocols = empty($allowed_protocols) ? asc_allowed_protocols() : $allowed_protocols;

    // Pre-processing passes, innermost call first: no_null, js_entities,
    // normalize_entities. Presumably these canonicalise the text so the later
    // split cannot be sidestepped with NUL bytes or odd entities; confirm
    // against the helpers.
    $filtered = asc_kses_normalize_entities(
        asc_kses_js_entities(
            asc_kses_no_null($string)
        )
    );

    // WP changed the order of these funcs and added args to asc_kses_hook
    $filtered = asc_kses_hook($filtered, $allowed_html, $protocols);

    return asc_kses_split($filtered, $allowed_html, $protocols);
}
Exemplo n.º 2
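/**
 * Callback to add a base url to relative links in passed content.
 *
 * Rebuilds one matched attribute. A URL that begins with a scheme found in
 * asc_allowed_protocols() is returned unchanged. Every other value, including
 * one whose scheme is not on that list, is treated as a relative link and
 * joined onto the base held in the global $_links_add_base.
 *
 * @since 2.7.0
 * @access private
 *
 * @param array $m The matched link: 1 = attribute name, 2 = quotation mark, 3 = URL.
 * @return string The processed link.
 */
function _links_add_base($m)
{
    global $_links_add_base;

    $attribute = $m[1];
    $quote = $m[2];
    $url = $m[3];

    // Strict comparison: the scheme must equal an allowed protocol exactly,
    // independent of PHP's loose string/number comparison rules. The match is
    // also case-sensitive, so a scheme written in another case than the list
    // entry is handled as a relative link.
    $has_allowed_scheme = preg_match('#^(\\w{1,20}):#', $url, $protocol)
        && in_array($protocol[1], asc_allowed_protocols(), true);

    // NOTE(review): path_join() is not visible here and by its name is a
    // filesystem-path helper. Confirm how it treats root-relative ("/x") and
    // scheme-less ("//host/x") values before relying on this to keep links
    // under the base.
    $target = $has_allowed_scheme ? $url : path_join($_links_add_base, $url);

    return $attribute . '=' . $quote . $target . $quote;
}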