Context Navigation

Back to Ticket #5770

Ticket #5770: default-widgets.php_11391-5770.diff

File default-widgets.php_11391-5770.diff, 9.4 KB (added by AndrewFrazier, 4 years ago)
Updated patch

Line
1	Index: wp-includes/default-widgets.php
2	===================================================================
3	--- wp-includes/default-widgets.php (revision 11391)
4	+++ wp-includes/default-widgets.php (working copy)
5	@@ -555,14 +555,14 @@
6	else if ( $number > 15 )
7	$number = 15;
8
9	- $r = new WP_Query(array('showposts' => $number, 'nopaging' => 0, 'post_status' => 'publish', 'caller_get_posts' => 1));
10	+ $r = new WP_Query(array('showposts' => $number, 'what_to_show' => 'posts', 'nopaging' => 0, 'post_status' => 'publish', 'caller_get_posts' => 1));
11	if ($r->have_posts()) :
12	?>
13	<?php echo $before_widget; ?>
14	<?php if ( $title ) echo $before_title . $title . $after_title; ?>
15	<ul>
16	<?php while ($r->have_posts()) : $r->the_post(); ?>
17	- <li><a href="<?php the_permalink() ?>" title="<?php echo esc_attr(get_the_title() ? get_the_title() : get_the_ID()); ?>"><?php if ( get_the_title() ) the_title(); else the_ID(); ?> </a></li>
18	+ <li><a href="<?php the_permalink() ?>"><?php if ( get_the_title() ) the_title(); else the_ID(); ?> </a></li>
19	<?php endwhile; ?>
20	</ul>
21	<?php echo $after_widget; ?>
22	@@ -659,7 +659,7 @@
23	<?php if ( $title ) echo $before_title . $title . $after_title; ?>
24	<ul id="recentcomments"><?php
25	if ( $comments ) : foreach ( (array) $comments as $comment) :
26	- echo '<li class="recentcomments">' . /* translators: comments widget: 1: comment author, 2: post link */ sprintf(_x('%1$s on %2$s', 'widgets'), get_comment_author_link(), '<a href="' . esc_url( get_comment_link($comment->comment_ID) ) . '">' . get_the_title($comment->comment_post_ID) . '</a>') . '</li>';
27	+ echo '<li class="recentcomments">' . /* translators: comments widget: 1: comment author, 2: post link */ sprintf(_x('%1$s on %2$s', 'widgets'), get_comment_author_link(), '<a href="' . clean_url( get_comment_link($comment->comment_ID) ) . '">' . get_the_title($comment->comment_post_ID) . '</a>') . '</li>';
28	endforeach; endif;?></ul>
29	<?php echo $after_widget; ?>
30	<?php
31	@@ -730,7 +730,7 @@
32	$desc = esc_attr(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset'))));
33	if ( empty($title) )
34	$title = htmlentities(strip_tags($rss->get_title()));
35	- $link = esc_url(strip_tags($rss->get_permalink()));
36	+ $link = clean_url(strip_tags($rss->get_permalink()));
37	while ( stristr($link, 'http') != $link )
38	$link = substr($link, 1);
39	}
40	@@ -739,7 +739,7 @@
41	$title = empty($desc) ? __('Unknown Feed') : $desc;
42
43	$title = apply_filters('widget_title', $title );
44	- $url = esc_url(strip_tags($url));
45	+ $url = clean_url(strip_tags($url));
46	$icon = includes_url('images/rss.png');
47	if ( $title )
48	$title = "<a class='rsswidget' href='$url' title='" . esc_attr(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";
49	@@ -813,14 +813,14 @@
50	$link = $item->get_link();
51	while ( stristr($link, 'http') != $link )
52	$link = substr($link, 1);
53	- $link = esc_url(strip_tags($link));
54	+ $link = clean_url(strip_tags($link));
55	$title = esc_attr(strip_tags($item->get_title()));
56	if ( empty($title) )
57	$title = __('Untitled');
58
59	$desc = str_replace(array("\n", "\r"), ' ', esc_attr(strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset')))));
60	$desc = wp_html_excerpt( $desc, 360 ) . ' […]';
61	- $desc = esc_html( $desc );
62	+ $desc = wp_specialchars( $desc );
63
64	if ( $show_summary ) {
65	$summary = "<div class='rssSummary'>$desc</div>";
66	@@ -844,7 +844,7 @@
67	if ( $show_author ) {
68	$author = $item->get_author();
69	$author = $author->get_name();
70	- $author = ' <cite>' . esc_html( strip_tags( $author ) ) . '</cite>';
71	+ $author = ' <cite>' . wp_specialchars( strip_tags( $author ) ) . '</cite>';
72	}
73
74	if ( $link == '' ) {
75	@@ -879,7 +879,7 @@
76
77	$number = esc_attr( $number );
78	$title = esc_attr( $title );
79	- $url = esc_url( $url );
80	+ $url = clean_url( $url );
81	$items = (int) $items;
82	if ( $items < 1 \|\| 20 < $items )
83	$items = 10;
84	@@ -958,7 +958,7 @@
85	$items = (int) $widget_rss['items'];
86	if ( $items < 1 \|\| 20 < $items )
87	$items = 10;
88	- $url = esc_url_raw(strip_tags( $widget_rss['url'] ));
89	+ $url = sanitize_url(strip_tags( $widget_rss['url'] ));
90	$title = trim(strip_tags( $widget_rss['title'] ));
91	$show_summary = (int) $widget_rss['show_summary'];
92	$show_author = (int) $widget_rss['show_author'];
93	@@ -971,7 +971,7 @@
94	if ( is_wp_error($rss) ) {
95	$error = $rss->get_error_message();
96	} else {
97	- $link = esc_url(strip_tags($rss->get_permalink()));
98	+ $link = clean_url(strip_tags($rss->get_permalink()));
99	while ( stristr($link, 'http') != $link )
100	$link = substr($link, 1);
101	}
102	@@ -995,27 +995,77 @@
103	function widget( $args, $instance ) {
104	extract($args);
105	$title = apply_filters('widget_title', empty($instance['title']) ? __('Tags') : $instance['title']);
106	+
107	+ $largest = isset($instance['largest']) ? $instance['largest'] : 22;
108	+ $smallest = isset($instance['smallest']) ? $instance['smallest'] : 6;
109	+ $unit = isset($instance['unit']) ? $instance['unit'] : 'pt';
110	+ $number = isset($instance['number']) ? $instance['number'] : 45;
111	+ $format = isset($instance['format']) ? $instance['format'] : 'flat';
112	+ $orderby = isset($instance['orderby']) ? $instance['orderby'] : 'name';
113	+ $order = isset($instance['order']) ? $instance['order'] : 'ASC';
114
115	echo $before_widget;
116	if ( $title )
117	echo $before_title . $title . $after_title;
118	echo '<div>';
119	- wp_tag_cloud(apply_filters('widget_tag_cloud_args', array()));
120	+ wp_tag_cloud(apply_filters('widget_tag_cloud_args', array('largest' => $largest, 'smallest' => $smallest, 'unit' => $unit, 'number' => $number, 'format' => $format, 'orderby' => $orderby, 'order' => $order )));
121	echo "</div>\n";
122	echo $after_widget;
123	}
124
125	function update( $new_instance, $old_instance ) {
126	$instance['title'] = strip_tags(stripslashes($new_instance['title']));
127	+ $instance['largest'] = $new_instance['largest'];
128	+ $instance['smallest'] = $new_instance['smallest'];
129	+ $instance['unit'] = strip_tags(stripslashes($new_instance['unit']));
130	+ $instance['number'] = $new_instance['number'];
131	+ $instance['format'] = strip_tags(stripslashes($new_instance['format']));
132	+ $instance['orderby'] = strip_tags(stripslashes($new_instance['orderby']));
133	+ $instance['order'] = strip_tags(stripslashes($new_instance['order']));
134	return $instance;
135	}
136
137	function form( $instance ) {
138	?>
139	<p><label for="<?php echo $this->get_field_id('title'); ?>">
140	- <?php _e('Title:') ?>
141	+ <?php _e('Title:'); ?>
142	<input type="text" class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" value="<?php echo esc_attr( $instance['title'] ); ?>" />
143	</label></p>
144	+ <p><label for="<?php echo $this->get_field_id('largest'); ?>">
145	+ <?php _e('Maximum Font Size:'); ?>
146	+ <input type="text" class="widefat" id="<?php echo $this->get_field_id('largest'); ?>" name="<?php echo $this->get_field_name('largest'); ?>" value="<?php echo esc_attr($instance['largest']); ?>" size="4" />
147	+ </label></p>
148	+ <p><label for="<?php echo $this->get_field_id('smallest'); ?>">
149	+ <?php _e('Minimum Font Size:'); ?>
150	+ <input type="text" class="widefat" id="<?php echo $this->get_field_id('smallest'); ?>" name="<?php echo $this->get_field_name('smallest'); ?>" value="<?php echo esc_attr($instance['smallest']); ?>" size="4" />
151	+ </label></p>
152	+ <p><label for="<?php echo $this->get_field_id('unit'); ?>">
153	+ <?php _e('Font size unit:'); ?>
154	+ <input type="text" class="widefat" id="<?php echo $this->get_field_id('unit'); ?>" name="<?php echo $this->get_field_name('unit'); ?>" value="<?php echo esc_attr($instance['unit']); ?>" size="4" />
155	+ </label></p>
156	+ <p><label for="<?php echo $this->get_field_id('number'); ?>">
157	+ <?php _e('Number to show:'); ?>
158	+ <input type="text" class="widefat" id="<?php echo $this->get_field_id('number'); ?>" name="<?php echo $this->get_field_name('number'); ?>" value="<?php echo esc_attr($instance['number']); ?>" size="4" />
159	+ </label></p>
160	+ <p><label for="<?php echo $this->get_field_id('format'); ?>">
161	+ <?php _e('Display Format:'); ?>
162	+ <select class="widefat" size="1" id="<?php echo $this->get_field_id('format'); ?>" name="<?php echo $this->get_field_name('format'); ?>">
163	+ <option value="flat" <?php selected($format, 'flat') ?>><?php _e('Flat'); ?></option>
164	+ <option value="list" <?php selected($format, 'list') ?>><?php _e('List'); ?></option>
165	+ </select></label></p>
166	+ <p><label for="<?php echo $this->get_field_id('orderby'); ?>">
167	+ <?php _e('Order By:'); ?>
168	+ <select class="widefat" size="1" id="<?php echo $this->get_field_id('orderby'); ?>" name="<?php echo $this->get_field_name('orderby'); ?>">
169	+ <option value="name" <?php selected($orderby, 'name') ?>><?php _e('Name'); ?></option>
170	+ <option value="count" <?php selected($orderby, 'count') ?>><?php _e('Count'); ?></option>
171	+ </select></label></p>
172	+ <p><label for="<?php echo $this->get_field_id('order'); ?>">
173	+ <?php _e('Order:'); ?>
174	+ <select class="widefat" size="1" id="<?php echo $this->get_field_id('order'); ?>" name="<?php echo $this->get_field_name('order'); ?>">
175	+ <option value="ASC" <?php selected($order, 'ASC' )?>><?php _e('Ascending'); ?></option>
176	+ <option value="DESC" <?php selected($order, 'DESC') ?>><?php _e('Descending'); ?></option>
177	+ </select></label></p>
178	+
179	<?php
180	}
181	}

Download in other formats:

Original Format