Ticket #3113: write_validation.diff
| File write_validation.diff, 4.5 KB (added by , 20 years ago) |
|---|
-
wp-admin/admin-functions.php
958 958 global $post_ID; 959 959 // Exit if no meta 960 960 if (!$meta) { 961 echo '<tbody id="the-list">< /tbody>'; //TBODY needed for list-manipulation JS961 echo '<tbody id="the-list"><tr style="display: none;"><td> </td></tr></tbody>'; //TBODY needed for list-manipulation JS 962 962 return; 963 963 } 964 964 $count = 0; … … 1254 1254 <div id="quicktags"> 1255 1255 '; 1256 1256 wp_print_scripts( 'quicktags' ); 1257 echo ' <script type="text/javascript">if ( typeof tinyMCE == "undefined" || tinyMCE.configs.length < 1 ) edToolbar();</script> 1257 echo ' <script type="text/javascript"> 1258 //<![CDATA[ 1259 if ( typeof tinyMCE == "undefined" || tinyMCE.configs.length < 1 ) edToolbar(); 1260 //]]> 1261 </script> 1258 1262 </div> 1259 1263 '; 1260 1264 echo ' -
wp-admin/edit-form-advanced.php
183 183 $uploading_iframe_src = wp_nonce_url("inline-uploading.php?action=view&post=$uploading_iframe_ID", 'inlineuploading'); 184 184 $uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src); 185 185 if ( false != $uploading_iframe_src ) 186 echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';186 echo '<iframe id="uploading" frameborder="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>'; 187 187 } 188 188 ?> 189 189 -
wp-admin/edit-page-form.php
159 159 $uploading_iframe_src = wp_nonce_url("inline-uploading.php?action=view&post=$uploading_iframe_ID", 'inlineuploading'); 160 160 $uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src); 161 161 if ( false != $uploading_iframe_src ) 162 echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';162 echo '<iframe id="uploading" frameborder="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>'; 163 163 } 164 164 ?> 165 165 … … 191 191 if ( current_user_can('delete_page', $post->ID) ) ?> 192 192 <input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> /> 193 193 <?php endif; ?> 194 </div> 195 194 196 </form> 195 197 196 198 </div> 197 198 </div> -
wp-admin/page.php
57 57 ?> 58 58 <div id='preview' class='wrap'> 59 59 <h2 id="preview-post"><?php _e('Page Preview (updated when page is saved)'); ?> <small class="quickjump"><a href="#write-post"><?php _e('edit ↑'); ?></a></small></h2> 60 <iframe src="<?php echo apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID))); ?>" width="100%" height="600" ></iframe>60 <iframe src="<?php echo wp_specialchars(apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe> 61 61 </div> 62 62 <?php 63 63 break; -
wp-admin/post.php
63 63 ?> 64 64 <div id='preview' class='wrap'> 65 65 <h2 id="preview-post"><?php _e('Post Preview (updated when post is saved)'); ?> <small class="quickjump"><a href="#write-post"><?php _e('edit ↑'); ?></a></small></h2> 66 <iframe src="<?php echo apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID))); ?>" width="100%" height="600" ></iframe>66 <iframe src="<?php echo wp_specialchars(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe> 67 67 </div> 68 68 <?php 69 69 break;