Ticket #21523: 21523.patch
File 21523.patch, 2.4 KB (added by , 12 years ago) |
---|
-
wp-admin/credits.php
41 41 } 42 42 43 43 function _wp_credits_build_object_link( &$data ) { 44 $data = '<a href="' . esc_url( $data[1] ) . '">' . $data[0]. '</a>';44 $data = '<a href="' . esc_url( $data[1] ) . '">' . esc_html( $data[0] ) . '</a>'; 45 45 } 46 46 47 47 list( $display_version ) = explode( '-', $wp_version ); … … 94 94 $title = translate( $group_data['name'] ); 95 95 } 96 96 97 echo '<h4 class="wp-people-group">' . $title. "</h4>\n";97 echo '<h4 class="wp-people-group">' . esc_html( $title ) . "</h4>\n"; 98 98 } 99 99 100 100 if ( ! empty( $group_data['shuffle'] ) ) … … 112 112 default: 113 113 $compact = 'compact' == $group_data['type']; 114 114 $classes = 'wp-people-group ' . ( $compact ? 'compact' : '' ); 115 echo '<ul class="' . $classes . '" id=" wp-people-group-' . $group_slug. '">' . "\n";115 echo '<ul class="' . $classes . '" id="' . esc_attr( 'wp-people-group-' . $group_slug ) . '">' . "\n"; 116 116 foreach ( $group_data['data'] as $person_data ) { 117 echo '<li class="wp-person" id=" wp-person-' . $person_data[2]. '">' . "\n\t";118 echo '<a href="' . sprintf( $credits['data']['profiles'], $person_data[2]) . '">';117 echo '<li class="wp-person" id="' . esc_attr( 'wp-person-' . $person_data[2] ) . '">' . "\n\t"; 118 echo '<a href="' . esc_url( sprintf( $credits['data']['profiles'], $person_data[2] ) ) . '">'; 119 119 $size = 'compact' == $group_data['type'] ? '30' : '60'; 120 echo '<img src="' . $gravatar . $person_data[1] . '?s=' . $size. '" class="gravatar" alt="' . esc_attr( $person_data[0] ) . '" /></a>' . "\n\t";121 echo '<a class="web" href="' . sprintf( $credits['data']['profiles'], $person_data[2] ) . '">' . $person_data[0]. "</a>\n\t";120 echo '<img src="' . esc_url( $gravatar . $person_data[1] . '?s=' . $size ) . '" class="gravatar" alt="' . esc_attr( $person_data[0] ) . '" /></a>' . "\n\t"; 121 echo '<a class="web" href="' . esc_url( sprintf( $credits['data']['profiles'], $person_data[2] ) ) . '">' . esc_html( $person_data[0] ) . "</a>\n\t"; 122 122 if ( ! $compact ) 123 echo '<span class="title">' . translate( $person_data[3]) . "</span>\n";123 echo '<span class="title">' . esc_html( translate( $person_data[3] ) ) . "</span>\n"; 124 124 echo "</li>\n"; 125 125 } 126 126 echo "</ul>\n";