WordPress.org

Make WordPress Core

Ticket #13377: 13377.diff

File 13377.diff, 3.0 KB (added by kawauso, 5 years ago)
  • wp-admin/includes/template.php

     
    659659                        $selected = " selected='selected'"; 
    660660                else 
    661661                        $selected = ''; 
    662         echo "\n\t<option value='".$templates[$template]."' $selected>$template</option>"; 
     662        echo "\n\t<option value='".$templates[$template]."' $selected>" . esc_html( $template ) . '</option>'; 
    663663        endforeach; 
    664664} 
    665665 
  • wp-admin/theme-editor.php

     
    134134 <div id="message" class="updated"><p><?php _e('File edited successfully.') ?></p></div> 
    135135<?php endif; 
    136136 
    137 $description = get_file_description($file); 
    138 $desc_header = ( $description != $file_show ) ? "$description <span>($file_show)</span>" : $file_show; 
     137$description = trim( get_file_description($file) ); 
     138$desc_header = ( $description != $file_show ) ? esc_html( $description ) . " <span>($file_show)</span>" : $file_show; 
    139139 
    140140$is_child_theme = $themes[$theme]['Template'] != $themes[$theme]['Stylesheet']; 
    141141?> 
     
    185185 
    186186                $description = trim( get_file_description($template_file) ); 
    187187                $template_show = basename($template_file); 
    188                 $filedesc = ( $description != $template_file ) ? "$description<br /><span class='nonessential'>($template_show)</span>" : "$description"; 
    189                 $filedesc = ( $template_file == $file ) ? "<span class='highlight'>$description<br /><span class='nonessential'>($template_show)</span></span>" : $filedesc; 
     188                if ( $template_file == $file ) 
     189                        $filedesc = "<span class='highlight'>" . esc_html( $description ) . "<br /><span class='nonessential'>($template_show)</span></span>"; 
     190                else 
     191                        $filedesc = ( $description != $template_file ) ? esc_html( $description ) . "<br /><span class='nonessential'>($template_show)</span>" : $template_file; 
    190192                $template_mapping[ $description ] = array( _get_template_edit_filename($template_file, $template_dir), $filedesc ); 
    191193        } 
    192194        ksort( $template_mapping ); 
     
    207209 
    208210                $description = trim( get_file_description($style_file) ); 
    209211                $style_show = basename($style_file); 
    210                 $filedesc = ( $description != $style_file ) ? "$description<br /><span class='nonessential'>($style_show)</span>" : "$description"; 
    211                 $filedesc = ( $style_file == $file ) ? "<span class='highlight'>$description<br /><span class='nonessential'>($style_show)</span></span>" : $filedesc; 
     212                if ( $style_file == $file ) 
     213                        $filedesc = "<span class='highlight'>" . esc_html( $description ) . "<br /><span class='nonessential'>($style_show)</span></span>"; 
     214                else 
     215                        $filedesc = ( $description != $style_file ) ? esc_html( $description ) . "<br /><span class='nonessential'>($style_show)</span>" : $style_file; 
    212216                $template_mapping[ $description ] = array( _get_template_edit_filename($style_file, $stylesheet_dir), $filedesc ); 
    213217        } 
    214218        ksort( $template_mapping );