Ticket #21523: 21523.4.patch
File 21523.4.patch, 5.5 KB (added by , 9 years ago) |
wp-admin/credits.php
37 37 38 38 $results = json_decode( wp_remote_retrieve_body( $response ), true ); 39 39 40 if ( ! is_array( $results ) ) 40 if ( ! is_array( $results ) ){ 41 41 return false; 42 } 42 43 44 if ( empty( $results['groups'] ) || !is_array( $results['groups'] ) ){ 45 return false; 46 } else { 47 foreach ( $results['groups'] as $group_slug => $group_data ) { 48 if ( empty( $group_data['name'] ) 49 && 'contributing-developers' !== $group_slug 50 && 'recent-rockstars' !== $group_slug ){ 51 return false; 52 } elseif ( empty( $group_data['type'] ) ){ 53 return false; 54 } elseif ( empty( $group_data['data'] ) ){ 55 return false; 56 } 57 } 58 } 59 60 if ( empty( $results['data'] ) || !is_array( $results['data'] ) ){ 61 return false; 62 } elseif ( empty( $results['data']['profiles'] ) 63 || empty( $results['data']['version'] ) 64 || !is_string( $results['data']['profiles'] ) 65 || !is_string( $results['data']['version'] ) ) { 66 return false; 67 } 68 43 69 set_site_transient( 'wordpress_credits_' . $locale, $results, DAY_IN_SECONDS ); 44 70 } 45 71 … … 71 97 * @return string Link to the external library. 72 98 */ 73 99 function _wp_credits_build_object_link( &$data ) { 74 $data = '<a href="' . esc_url( $data[1] ) . '">' . $data[0]. '</a>';100 $data = '<a href="' . esc_url( $data[1] ) . '">' . esc_html( $data[0] ) . '</a>'; 75 101 } 76 102 77 103 list( $display_version ) = explode( '-', $wp_version ); … … 80 106 ?> 81 107 <div class="wrap about-wrap"> 82 108 83 <h1><?php printf( __( 'Welcome to WordPress %s' ), $display_version); ?></h1>109 <h1><?php printf( __( 'Welcome to WordPress %s' ), esc_html( $display_version ) ); ?></h1> 84 110 85 <div class="about-text"><?php printf( __( 'Thank you for updating! WordPress %s helps you communicate and share, globally.' ), $display_version); ?></div>111 <div class="about-text"><?php printf( __( 'Thank you for updating! WordPress %s helps you communicate and share, globally.' 
), esc_html( $display_version ) ); ?></div> 86 112 87 <div class="wp-badge"><?php printf( __( 'Version %s' ), $display_version); ?></div>113 <div class="wp-badge"><?php printf( __( 'Version %s' ), esc_html( $display_version ) ); ?></div> 88 114 89 115 <h2 class="nav-tab-wrapper"> 90 116 <a href="about.php" class="nav-tab"> … … 101 127 $credits = wp_credits(); 102 128 103 129 if ( ! $credits ) { 104 echo '<p class="about-description">' . sprintf( __( 'WordPress is created by a <a href="%1$s">worldwide team</a> of passionate individuals. <a href="%2$s">Get involved in WordPress</a>.' ),130 echo '<p class="about-description">' . esc_html( sprintf( __( 'WordPress is created by a <a href="%1$s">worldwide team</a> of passionate individuals. <a href="%2$s">Get involved in WordPress</a>.' ), 105 131 'https://wordpress.org/about/', 106 132 /* translators: Url to the codex documentation on contributing to WordPress used on the credits page */ 107 __( 'https://codex.wordpress.org/Contributing_to_WordPress' ) ) . '</p>';133 __( 'https://codex.wordpress.org/Contributing_to_WordPress' ) ) ) . '</p>'; 108 134 include( ABSPATH . 'wp-admin/admin-footer.php' ); 109 135 exit; 110 136 } … … 124 150 $title = translate( $group_data['name'] ); 125 151 } 126 152 127 echo '<h4 class="wp-people-group">' . $title. "</h4>\n";153 echo '<h4 class="wp-people-group">' . esc_html( $title ) . "</h4>\n"; 128 154 } 129 155 130 156 if ( ! empty( $group_data['shuffle'] ) ) … … 141 167 break; 142 168 default: 143 169 $compact = 'compact' == $group_data['type']; 144 $classes = 'wp-people-group ' . ( $compact ? 'compact' : '');170 $classes = esc_attr( 'wp-people-group ' . ( $compact ? 'compact' : '' ) ); 145 171 echo '<ul class="' . $classes . '" id="wp-people-group-' . $group_slug . '">' . "\n"; 146 172 foreach ( $group_data['data'] as $person_data ) { 147 echo '<li class="wp-person" id="wp-person-' . $person_data[2] . '">' . "\n\t"; 148 echo '<a href="' . 
sprintf( $credits['data']['profiles'], $person_data[2] ) . '">'; 149 $size = 'compact' == $group_data['type'] ? '30' : '60'; 150 echo '<img src="' . $gravatar . $person_data[1] . '?s=' . $size . '" srcset="' . $gravatar . $person_data[1] . '?s=' . $size * 2 . ' 2x" class="gravatar" alt="' . esc_attr( $person_data[0] ) . '" /></a>' . "\n\t"; 151 echo '<a class="web" href="' . sprintf( $credits['data']['profiles'], $person_data[2] ) . '">' . $person_data[0] . "</a>\n\t"; 152 if ( ! $compact ) 153 echo '<span class="title">' . translate( $person_data[3] ) . "</span>\n"; 154 echo "</li>\n"; 173 if ( isset( $person_data[0] ) 174 && isset( $person_data[1] ) 175 && isset( $person_data[2] ) ){ 176 echo '<li class="wp-person" id="wp-person-' . esc_attr( $person_data[2] ) . '">' . "\n\t"; 177 echo '<a href="' . esc_url( sprintf( $credits['data']['profiles'], $person_data[2] ) ) . '">'; 178 $size = 'compact' == $group_data['type'] ? '30' : '60'; 179 echo '<img src="' . esc_url( $gravatar . $person_data[1] . '?s=' . $size . '" srcset="' . $gravatar . $person_data[1] . '?s=' . $size * 2 ) . ' 2x" class="gravatar" alt="' . esc_attr( $person_data[0] ) . '" /></a>' . "\n\t"; 180 echo '<a class="web" href="' . esc_url( sprintf( $credits['data']['profiles'], $person_data[2] ) ) . '">' . esc_html( $person_data[0] ) . "</a>\n\t"; 181 if ( ! $compact && isset( $person_data[3] ) ){ 182 echo '<span class="title">' . esc_html( translate( $person_data[3] ) ) . "</span>\n"; 183 } 184 echo "</li>\n"; 185 } 155 186 } 156 187 echo "</ul>\n"; 157 188 break;
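Review bot: On new line 179 a single `esc_url()` call wraps the `src` URL, the literal `" srcset="` and the second URL together. `esc_url()` is meant for one URL and will strip the quote and encode the space, so the two attributes collapse into one malformed `src` value and the avatar no longer loads. Escape each URL on its own: `echo '<img src="' . esc_url( $gravatar . $person_data[1] . '?s=' . $size ) . '" srcset="' . esc_url( $gravatar . $person_data[1] . '?s=' . $size * 2 ) . ' 2x" class="gravatar" alt="' . esc_attr( $person_data[0] ) . '" /></a>' . "\n\t";`. In the same hunk, new line 171 still prints `$group_slug` into the `id` attribute unescaped, although it is a key of the remote response that the added validation does not constrain; `'" id="wp-people-group-' . esc_attr( $group_slug ) . '">'` would close that gap. The enclosing loop and the definition of `$gravatar` lie outside the hunk.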