Make WordPress Core

Ticket #53459: 53459.patch

File 53459.patch, 4.5 KB (added by chintan1896, 4 years ago)
  • wp-admin/includes/dashboard.php

    diff --git a/wp-admin/includes/dashboard.php b/wp-admin/includes/dashboard.php
    index 4ba4b9edde..45dddd81a6 100644
    a b function wp_network_dashboard_right_now() { 
    484484                do_action( 'wpmuadminresult' );
    485485        ?>
    486486
    487         <form action="<?php echo network_admin_url( 'users.php' ); ?>" method="get">
     487        <form action="<?php echo esc_url( network_admin_url( 'users.php' ) ); ?>" method="get">
    488488                <p>
    489489                        <label class="screen-reader-text" for="search-users"><?php _e( 'Search Users' ); ?></label>
    490490                        <input type="search" name="s" value="" size="30" autocomplete="off" id="search-users" />
    function wp_network_dashboard_right_now() { 
    492492                </p>
    493493        </form>
    494494
    495         <form action="<?php echo network_admin_url( 'sites.php' ); ?>" method="get">
     495        <form action="<?php echo esc_url( network_admin_url( 'sites.php' ) ); ?>" method="get">
    496496                <p>
    497497                        <label class="screen-reader-text" for="search-sites"><?php _e( 'Search Sites' ); ?></label>
    498498                        <input type="search" name="s" value="" size="30" autocomplete="off" id="search-sites" />
  • wp-admin/network/site-new.php

    diff --git a/wp-admin/network/site-new.php b/wp-admin/network/site-new.php
    index ffe2f8fddd..340e35c7bd 100644
    a b printf( 
    201201);
    202202?>
    203203</p>
    204 <form method="post" action="<?php echo network_admin_url( 'site-new.php?action=add-site' ); ?>" novalidate="novalidate">
     204<form method="post" action="<?php echo esc_url( network_admin_url( 'site-new.php?action=add-site' ) ); ?>" novalidate="novalidate">
    205205<?php wp_nonce_field( 'add-blog', '_wpnonce_add-blog' ); ?>
    206206        <table class="form-table" role="presentation">
    207207                <tr class="form-field form-required">
  • wp-admin/network/site-users.php

    diff --git a/wp-admin/network/site-users.php b/wp-admin/network/site-users.php
    index 1130bf58c7..b2d3f638af 100644
    a b if ( current_user_can( 'promote_users' ) && apply_filters( 'show_network_site_us 
    330330if ( current_user_can( 'create_users' ) && apply_filters( 'show_network_site_users_add_new_form', true ) ) :
    331331        ?>
    332332<h2 id="add-new-user"><?php _e( 'Add New User' ); ?></h2>
    333 <form action="<?php echo network_admin_url( 'site-users.php?action=newuser' ); ?>" id="newuser" method="post">
     333<form action="<?php echo esc_url( network_admin_url( 'site-users.php?action=newuser' ) ); ?>" id="newuser" method="post">
    334334        <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
    335335        <table class="form-table" role="presentation">
    336336                <tr>
  • wp-admin/network/sites.php

    diff --git a/wp-admin/network/sites.php b/wp-admin/network/sites.php
    index dd476765d1..bcbee04276 100644
    a b require_once ABSPATH . 'wp-admin/admin-header.php'; 
    366366<h1 class="wp-heading-inline"><?php _e( 'Sites' ); ?></h1>
    367367
    368368<?php if ( current_user_can( 'create_sites' ) ) : ?>
    369         <a href="<?php echo network_admin_url( 'site-new.php' ); ?>" class="page-title-action"><?php echo esc_html_x( 'Add New', 'site' ); ?></a>
     369        <a href="<?php echo esc_url( network_admin_url( 'site-new.php' ) ); ?>" class="page-title-action"><?php echo esc_html_x( 'Add New', 'site' ); ?></a>
    370370<?php endif; ?>
    371371
    372372<?php
  • wp-admin/network/user-new.php

    diff --git a/wp-admin/network/user-new.php b/wp-admin/network/user-new.php
    index 468d2c795f..191e9bdda1 100644
    a b if ( isset( $add_user_errors ) && is_wp_error( $add_user_errors ) ) { 
    122122                ?>
    123123        </div>
    124124<?php } ?>
    125         <form action="<?php echo network_admin_url( 'user-new.php?action=add-user' ); ?>" id="adduser" method="post" novalidate="novalidate">
     125        <form action="<?php echo esc_url( network_admin_url( 'user-new.php?action=add-user' ) ); ?>" id="adduser" method="post" novalidate="novalidate">
    126126        <table class="form-table" role="presentation">
    127127                <tr class="form-field form-required">
    128128                        <th scope="row"><label for="username"><?php _e( 'Username' ); ?></label></th>
  • wp-admin/network/users.php

    diff --git a/wp-admin/network/users.php b/wp-admin/network/users.php
    index 5943a7819a..d05eadcd4c 100644
    a b if ( isset( $_REQUEST['updated'] ) && 'true' == $_REQUEST['updated'] && ! empty( 
    273273        <?php
    274274        if ( current_user_can( 'create_users' ) ) :
    275275                ?>
    276                 <a href="<?php echo network_admin_url( 'user-new.php' ); ?>" class="page-title-action"><?php echo esc_html_x( 'Add New', 'user' ); ?></a>
     276                <a href="<?php echo esc_url( network_admin_url( 'user-new.php' ) ); ?>" class="page-title-action"><?php echo esc_html_x( 'Add New', 'user' ); ?></a>
    277277                                                        <?php
    278278        endif;
    279279