Ticket #17563: 17563.url-escaping-in-twenty-eleven.diff
File 17563.url-escaping-in-twenty-eleven.diff, 15.1 KB (added by , 14 years ago) |
---|
-
wp-content/themes/twentyeleven/content-single.php
15 15 <div class="entry-meta"> 16 16 <?php 17 17 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 18 get_permalink(),18 esc_url( get_permalink() ), 19 19 get_the_date( 'c' ), 20 20 get_the_date(), 21 get_author_posts_url( get_the_author_meta( 'ID') ),21 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 22 22 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 23 23 get_the_author() 24 24 ); … … 45 45 /* translators: used between list items, there is a space after the comma */ 46 46 get_the_category_list( __( ', ', 'twentyeleven' ) ), 47 47 $tag_list, 48 get_permalink(),48 esc_url( get_permalink() ), 49 49 the_title_attribute( 'echo=0' ), 50 50 get_the_author(), 51 get_author_posts_url( get_the_author_meta( 'ID') )51 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ) 52 52 ); 53 53 ?> 54 54 <?php edit_post_link( __( 'Edit', 'twentyeleven' ), '<span class="edit-link">', '</span>' ); ?> … … 62 62 <h2><?php printf( esc_attr__( 'About %s', 'twentyeleven' ), get_the_author() ); ?></h2> 63 63 <?php the_author_meta( 'description' ); ?> 64 64 <div id="author-link"> 65 <a href="<?php echo get_author_posts_url( get_the_author_meta( 'ID') ); ?>">65 <a href="<?php echo esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ); ?>"> 66 66 <?php printf( __( 'View all posts by %s <span class="meta-nav">→</span>', 'twentyeleven' ), get_the_author() ); ?> 67 67 </a> 68 68 </div><!-- #author-link --> -
wp-content/themes/twentyeleven/content-aside.php
41 41 <footer class="entry-meta"> 42 42 <?php 43 43 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 44 get_permalink(),44 esc_url( get_permalink() ), 45 45 get_the_date( 'c' ), 46 46 get_the_date(), 47 get_author_posts_url( get_the_author_meta( 'ID') ),47 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 48 48 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 49 49 get_the_author() 50 50 ); -
wp-content/themes/twentyeleven/author.php
24 24 ?> 25 25 26 26 <header class="page-header"> 27 <h1 class="page-title author"><?php printf( __( 'Author Archives: %s', 'twentyeleven' ), '<span class="vcard"><a class="url fn n" href="' . get_author_posts_url( get_the_author_meta( "ID") ) . '" title="' . esc_attr( get_the_author() ) . '" rel="me">' . get_the_author() . '</a></span>' ); ?></h1>27 <h1 class="page-title author"><?php printf( __( 'Author Archives: %s', 'twentyeleven' ), '<span class="vcard"><a class="url fn n" href="' . esc_url( get_author_posts_url( get_the_author_meta( "ID" ) ) ) . '" title="' . esc_attr( get_the_author() ) . '" rel="me">' . get_the_author() . '</a></span>' ); ?></h1> 28 28 </header> 29 29 30 30 <?php -
wp-content/themes/twentyeleven/content-link.php
41 41 <footer class="entry-meta"> 42 42 <?php 43 43 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 44 get_permalink(),44 esc_url( get_permalink() ), 45 45 get_the_date( 'c' ), 46 46 get_the_date(), 47 get_author_posts_url( get_the_author_meta( 'ID') ),47 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 48 48 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 49 49 get_the_author() 50 50 ); -
wp-content/themes/twentyeleven/content-featured.php
16 16 <div class="entry-meta"> 17 17 <?php 18 18 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 19 get_permalink(),19 esc_url( get_permalink() ), 20 20 get_the_date( 'c' ), 21 21 get_the_date(), 22 get_author_posts_url( get_the_author_meta( 'ID') ),22 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 23 23 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 24 24 get_the_author() 25 25 ); … … 46 46 /* translators: used between list items, there is a space after the comma */ 47 47 get_the_category_list( __( ', ', 'twentyeleven' ) ), 48 48 $tag_list, 49 get_permalink(),49 esc_url( get_permalink() ), 50 50 the_title_attribute( 'echo=0' ) 51 51 ); 52 52 ?> -
wp-content/themes/twentyeleven/content.php
23 23 <div class="entry-meta"> 24 24 <?php 25 25 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 26 get_permalink(),26 esc_url( get_permalink() ), 27 27 get_the_date( 'c' ), 28 28 get_the_date(), 29 get_author_posts_url( get_the_author_meta( 'ID') ),29 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 30 30 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 31 31 get_the_author() 32 32 ); -
wp-content/themes/twentyeleven/content-image.php
40 40 <div class="entry-meta"> 41 41 <?php 42 42 printf( __( '<a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 43 get_permalink(),43 esc_url( get_permalink() ), 44 44 get_the_date( 'c' ), 45 45 get_the_date(), 46 get_author_posts_url( get_the_author_meta( 'ID') ),46 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 47 47 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 48 48 get_the_author() 49 49 ); -
wp-content/themes/twentyeleven/content-status.php
42 42 <footer class="entry-meta"> 43 43 <?php 44 44 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 45 get_permalink(),45 esc_url( get_permalink() ), 46 46 get_the_date( 'c' ), 47 47 get_the_date(), 48 get_author_posts_url( get_the_author_meta( 'ID') ),48 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 49 49 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 50 50 get_the_author() 51 51 ); -
wp-content/themes/twentyeleven/content-quote.php
19 19 <div class="entry-meta"> 20 20 <?php 21 21 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 22 get_permalink(),22 esc_url( get_permalink() ), 23 23 get_the_date( 'c' ), 24 24 get_the_date(), 25 get_author_posts_url( get_the_author_meta( 'ID') ),25 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 26 26 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 27 27 get_the_author() 28 28 ); -
wp-content/themes/twentyeleven/content-gallery.php
20 20 <div class="entry-meta"> 21 21 <?php 22 22 printf( __( '<span class="sep">Posted on </span><a href="%1$s" rel="bookmark"><time class="entry-date" datetime="%2$s" pubdate>%3$s</time></a> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="%4$s" title="%5$s">%6$s</a></span>', 'twentyeleven' ), 23 get_permalink(),23 esc_url( get_permalink() ), 24 24 get_the_date( 'c' ), 25 25 get_the_date(), 26 get_author_posts_url( get_the_author_meta( 'ID') ),26 esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ), 27 27 sprintf( esc_attr__( 'View all posts by %s', 'twentyeleven' ), get_the_author() ), 28 28 get_the_author() 29 29 ); … … 54 54 </figure><!-- .gallery-thumb --> 55 55 56 56 <p><em><?php printf( _n( 'This gallery contains <a %1$s>%2$s photo</a>.', 'This gallery contains <a %1$s>%2$s photos</a>.', $total_images, 'twentyeleven' ), 57 'href="' . get_permalink() . '" title="' . sprintf( esc_attr__( 'Permalink to %s', 'twentyeleven' ), the_title_attribute( 'echo=0' ) ) . '" rel="bookmark"',57 'href="' . esc_url( get_permalink() ) . '" title="' . sprintf( esc_attr__( 'Permalink to %s', 'twentyeleven' ), the_title_attribute( 'echo=0' ) ) . '" rel="bookmark"', 58 58 number_format_i18n( $total_images ) 59 59 ); ?></em></p> 60 60 <?php endif; ?> -
wp-content/themes/twentyeleven/functions.php
325 325 * Returns a "Continue Reading" link for excerpts 326 326 */ 327 327 function twentyeleven_continue_reading_link() { 328 return ' <a href="'. get_permalink() . '">' . __( 'Continue reading <span class="meta-nav">→</span>', 'twentyeleven' ) . '</a>';328 return ' <a href="'. esc_url( get_permalink() ) . '">' . __( 'Continue reading <span class="meta-nav">→</span>', 'twentyeleven' ) . '</a>'; 329 329 } 330 330 331 331 /** -
wp-content/themes/twentyeleven/image.php
29 29 printf( __( '<span class="meta-prep meta-prep-entry-date">Published </span> <span class="entry-date"><abbr class="published" title="%1$s">%2$s</abbr></span> at <a href="%3$s" title="Link to full-size image">%4$s × %5$s</a> in <a href="%6$s" title="Return to %7$s" rel="gallery">%7$s</a>', 'twentyeleven' ), 30 30 esc_attr( get_the_time() ), 31 31 get_the_date(), 32 wp_get_attachment_url(),32 esc_url( wp_get_attachment_url() ), 33 33 $metadata['width'], 34 34 $metadata['height'], 35 get_permalink( $post->post_parent),35 esc_url( get_permalink( $post->post_parent ) ), 36 36 get_the_title( $post->post_parent ) 37 37 ); 38 38 ?> … … 69 69 $next_attachment_url = wp_get_attachment_url(); 70 70 } 71 71 ?> 72 <a href="<?php echo $next_attachment_url; ?>" title="<?php echo esc_attr( get_the_title() ); ?>" rel="attachment"><?php72 <a href="<?php echo esc_url( $next_attachment_url ); ?>" title="<?php echo esc_attr( get_the_title() ); ?>" rel="attachment"><?php 73 73 $attachment_size = apply_filters( 'twentyeleven_attachment_size', 848 ); 74 74 echo wp_get_attachment_image( $post->ID, array( $attachment_size, 1024 ) ); // filterable image width with 1024px limit for image height. 75 75 ?></a> … … 92 92 93 93 <footer class="entry-meta"> 94 94 <?php if ( comments_open() && pings_open() ) : // Comments and trackbacks open ?> 95 <?php printf( __( '<a class="comment-link" href="#respond" title="Post a comment">Post a comment</a> or leave a trackback: <a class="trackback-link" href="%s" title="Trackback URL for your post" rel="trackback">Trackback URL</a>.', 'twentyeleven' ), get_trackback_url() ); ?>95 <?php printf( __( '<a class="comment-link" href="#respond" title="Post a comment">Post a comment</a> or leave a trackback: <a class="trackback-link" href="%s" title="Trackback URL for your post" rel="trackback">Trackback URL</a>.', 'twentyeleven' ), esc_url( get_trackback_url() ) ); ?> 96 96 <?php elseif ( ! comments_open() && pings_open() ) : // Only trackbacks open ?> 97 <?php printf( __( 'Comments are closed, but you can leave a trackback: <a class="trackback-link" href="%s" title="Trackback URL for your post" rel="trackback">Trackback URL</a>.', 'twentyeleven' ), get_trackback_url() ); ?>97 <?php printf( __( 'Comments are closed, but you can leave a trackback: <a class="trackback-link" href="%s" title="Trackback URL for your post" rel="trackback">Trackback URL</a>.', 'twentyeleven' ), esc_url( get_trackback_url() ) ); ?> 98 98 <?php elseif ( comments_open() && ! pings_open() ) : // Only comments open ?> 99 99 <?php _e( 'Trackbacks are closed, but you can <a class="comment-link" href="#respond" title="Post a comment">post a comment</a>.', 'twentyeleven' ); ?> 100 100 <?php elseif ( ! comments_open() && ! pings_open() ) : // Comments and trackbacks closed ?>