Opened 7 years ago
Closed 6 years ago
#3224 closed defect (bug) (fixed)
wp-admin/upload-js.php uninternationalized
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | low | Milestone: | 2.1 |
| Component: | Administration | Version: | 2.1 |
| Severity: | normal | Keywords: | has-patch 2nd-opinion |
| Cc: |
Description
Internationalized of this file is missing.
Patch attached.
Attachments (3)
Change History (12)
nbachiyski — 7 years ago
comment:1
foolswisdom — 7 years ago
- Keywords has-patch added; bg|has-patch removed
- Milestone set to 2.1
- Version set to 2.1
comment:2
markjaquith — 7 years ago
- Keywords 2nd-opinion added
- Owner changed from anonymous to markjaquith
- Status changed from new to assigned
Not sure whether wp_specialchars or js_escape is best here. Going with wp_specialchars for now.
- Resolution set to fixed
- Status changed from assigned to closed
- Resolution fixed deleted
- Status changed from closed to reopened
markaquith, it's more annoying than that. Sometiems JS interprets " as a real quote mark. It get's a little confusing.
js_escape() was born out of compromise, but it is asymmetric in single v. double quotes, so you still need to be careful. You definitely need to use js_escape() when there's a chance of \n appearing in the string.
Attached fixes some problems.
- Resolution set to fixed
- Status changed from reopened to closed
- Resolution fixed deleted
- Status changed from closed to reopened
Someone killed a > too many in the second line af the last patch.
Note: See
TracTickets for help on using
tickets.
Is addslashes() the right thing to be using? Seems to me that single quotes need to be HTML entitized for HTML validation, and double quotes need to be HTML entitized for JS validation. Wouldn't wp_specialchars($string, true) be the way to go here?