Ticket #14996: 14996.2.diff
| File 14996.2.diff, 1.3 KB (added by , 14 years ago) |
|---|
-
wp-admin/includes/media.php
636 636 if ( !empty($href) && !strpos($href, '://') ) 637 637 $href = "http://$href"; 638 638 639 $title = esc_attr( $_POST['insertonly']['title']);639 $title = esc_attr(stripslashes($_POST['insertonly']['title'])); 640 640 if ( empty($title) ) 641 641 $title = esc_attr( basename($href) ); 642 642 … … 695 695 if ( !empty($href) && !strpos($href, '://') ) 696 696 $href = "http://$href"; 697 697 698 $title = esc_attr( $_POST['insertonly']['title']);698 $title = esc_attr(stripslashes($_POST['insertonly']['title'])); 699 699 if ( empty($title) ) 700 700 $title = esc_attr( basename($href) ); 701 701 … … 754 754 if ( !empty($href) && !strpos($href, '://') ) 755 755 $href = "http://$href"; 756 756 757 $title = esc_attr( $_POST['insertonly']['title']);757 $title = esc_attr(stripslashes($_POST['insertonly']['title'])); 758 758 if ( empty($title) ) 759 759 $title = basename($href); 760 760 761 if ( !empty($title) && !empty($href) ) 761 762 $html = "<a href='" . esc_url($href) . "' >$title</a>"; 763 762 764 $html = apply_filters('file_send_to_editor_url', $html, esc_url_raw($href), $title); 765 763 766 return media_send_to_editor($html); 764 767 } 765 768