Escape taxonomy labels in tags meta box
|Reported by:||niallkennedy||Owned by:|
While browsing the code for the tags post meta box I noticed many values were echoed without escaping. Taxonomy [labels http://core.trac.wordpress.org/browser/tags/3.3/wp-includes/taxonomy.php#L14 from wp-includes/taxonomy.php] or elsewhere may have passed through gettext and contain escapable characters in the returned string.
Before: echo $taxonomy->labels->add_new_item
After: echo esc_html( $taxonomy->labels->add_new_item )
While I was in there I also assigned the assign_terms capability test into a single variable compared three times instead of calling the capabilities function three times. Performance benefit, slightly cleaner.
The disabled attribute is a boolean attribute in HTML5; changed that string as well. The variable is only used once and could be a good candidate for a ternary operator based on WP coding standards but the assigned string change is a cleaner patch compare.