Ticket #3595: bookmark-template-php-2-3.diff

File bookmark-template-php-2-3.diff, 2.0 KB (added by jhodgdon, 6 years ago)

New patch using sanitize_bookmark_field function for 2.3

Line 
1Index: E:/EclipseWork/WordPressDev/wp-includes/bookmark-template.php
2===================================================================
3--- E:/EclipseWork/WordPressDev/wp-includes/bookmark-template.php       (revision 5974)
4+++ E:/EclipseWork/WordPressDev/wp-includes/bookmark-template.php       (working copy)
5@@ -96,8 +96,8 @@
6                if ( '' != $rel )
7                        $rel = ' rel="' . $rel . '"';
8 
9-               $desc = attribute_escape($row->link_description);
10-               $name = attribute_escape($row->link_name);
11+               $desc = attribute_escape(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display'));
12+               $name = attribute_escape(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display'));
13                $title = $desc;
14 
15                if ( $show_updated )
16@@ -145,7 +145,7 @@
17 }
18 
19 function get_linkrating($link) {
20-       return apply_filters('link_rating', $link->link_rating);
21+       return sanitize_bookmark_field('link_rating', $link->link_rating, $link->link_id, 'display');
22 }
23 
24 /** function get_linkcatname()
25@@ -229,7 +229,7 @@
26                        // Handle each category.
27 
28                        // Display the category name
29-                       echo '  <li id="linkcat-' . $cat->term_id . '" class="linkcat"><h2>' . $cat->name . "</h2>\n\t<ul>\n";
30+                       echo '  <li id="linkcat-' . $cat->term_id . '" class="linkcat"><h2>' . apply_filters('link_category', $cat->name ) . "</h2>\n\t<ul>\n";
31                        // Call get_links() with all the appropriate params
32                        get_links($cat->term_id, '<li>', "</li>", "\n", true, 'name', false);
33 
34@@ -264,8 +264,8 @@
35                if ( '' != $rel )
36                        $rel = ' rel="' . $rel . '"';
37 
38-               $desc = attribute_escape(apply_filters('link_description', $bookmark->link_description));
39-               $name = attribute_escape(apply_filters('link_title', $bookmark->link_name));
40+               $desc = attribute_escape(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display'));
41+               $name = attribute_escape(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display'));
42                $title = $desc;
43 
44                if ( $show_updated )