Make WordPress Core

Ticket #24907: 24907.3.patch

File 24907.3.patch, 1.4 KB (added by aliso, 11 years ago)

Adding esc_js to variable values to use in place of json_encode

  • wp-admin/admin-header.php

     
    5858?>
    5959<script type="text/javascript">
    6060addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
    61 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>',
    62         pagenow = '<?php echo $current_screen->id; ?>',
    63         typenow = '<?php echo $current_screen->post_type; ?>',
    64         adminpage = '<?php echo $admin_body_class; ?>',
    65         thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',
    66         decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',
     61var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>',
     62        pagenow = '<?php echo esc_js( $current_screen->id ); ?>',
     63        typenow = '<?php echo esc_js( $current_screen->post_type ); ?>',
     64        adminpage = '<?php echo esc_js( $admin_body_class ); ?>',
     65        thousandsSeparator = '<?php echo esc_js( addslashes( $wp_locale->number_format['thousands_sep'] ) ); ?>',
     66        decimalPoint = '<?php echo esc_js( addslashes( $wp_locale->number_format['decimal_point'] ) ); ?>',
    6767        isRtl = <?php echo (int) is_rtl(); ?>;
    6868</script>
    6969<?php