Make WordPress Core

Ticket #18056: 18056.diff

File 18056.diff, 2.2 KB (added by pathawks, 11 years ago)
  • wp-admin/includes/export.php

    diff --git wp-admin/includes/export.php wp-admin/includes/export.php
    index ae08c3c..2835a64 100644
    function export_wp( $args = array() ) { 
    370370                <title><?php echo apply_filters( 'the_title_rss', $post->post_title ); ?></title>
    371371                <link><?php the_permalink_rss() ?></link>
    372372                <pubDate><?php echo mysql2date( 'D, d M Y H:i:s +0000', get_post_time( 'Y-m-d H:i:s', true ), false ); ?></pubDate>
    373                 <dc:creator><?php echo get_the_author_meta( 'login' ); ?></dc:creator>
     373                <dc:creator><?php echo htmlspecialchars(get_the_author_meta( 'login' )); ?></dc:creator>
    374374                <guid isPermaLink="false"><?php the_guid(); ?></guid>
    375375                <description></description>
    376376                <content:encoded><?php echo wxr_cdata( apply_filters( 'the_content_export', $post->post_content ) ); ?></content:encoded>
  • wp-includes/feed-rdf.php

    diff --git wp-includes/feed-rdf.php wp-includes/feed-rdf.php
    index 3a0daf1..4e5c526 100644
    echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> 
    4040        <title><?php the_title_rss() ?></title>
    4141        <link><?php the_permalink_rss() ?></link>
    4242         <dc:date><?php echo mysql2date('Y-m-d\TH:i:s\Z', $post->post_date_gmt, false); ?></dc:date>
    43         <dc:creator><?php the_author() ?></dc:creator>
     43        <dc:creator><?php echo htmlspecialchars(get_the_author()); ?></dc:creator>
    4444        <?php the_category_rss('rdf') ?>
    4545<?php if (get_option('rss_use_excerpt')) : ?>
    4646        <description><?php the_excerpt_rss() ?></description>
  • wp-includes/feed-rss2.php

    diff --git wp-includes/feed-rss2.php wp-includes/feed-rss2.php
    index a20aa1e..98690b5 100644
    echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> 
    3636                <link><?php the_permalink_rss() ?></link>
    3737                <comments><?php comments_link_feed(); ?></comments>
    3838                <pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_post_time('Y-m-d H:i:s', true), false); ?></pubDate>
    39                 <dc:creator><?php the_author() ?></dc:creator>
     39                <dc:creator><?php echo htmlspecialchars(get_the_author()); ?></dc:creator>
    4040                <?php the_category_rss('rss2') ?>
    4141
    4242                <guid isPermaLink="false"><?php the_guid(); ?></guid>