WordPress.org

Make WordPress Core

Ticket #9402: more_validation_fixes.patch

File more_validation_fixes.patch, 5.6 KB (added by simek, 6 years ago)
  • import/blogger.php

     
    245245                                kick: function() { 
    246246                                        ++this.kicks; 
    247247                                        var i = this.blog; 
    248                                         jQuery.post('admin.php?import=blogger&noheader=true',{blog:this.blog},function(text,result){blogs[i].kickd(text,result)}); 
     248                                        jQuery.post('admin.php?import=blogger&noheader=true',{blog:this.blog},function(text,result){blogs[i].kickd(text,result)}); 
    249249                                }, 
    250250                                check: function() { 
    251251                                        ++this.checks; 
    252252                                        var i = this.blog; 
    253                                         jQuery.post('admin.php?import=blogger&noheader=true&status=true',{blog:this.blog},function(text,result){blogs[i].checkd(text,result)}); 
     253                                        jQuery.post('admin.php?import=blogger&noheader=true&status=true',{blog:this.blog},function(text,result){blogs[i].checkd(text,result)}); 
    254254                                }, 
    255255                                kickd: function(text, result) { 
    256256                                        if ( result == 'error' ) { 
     
    305305                                                jQuery('div.wrap').gt(0).remove(); 
    306306                                        jQuery('div.wrap').empty().append('<h2>$authhead</h2><h3>' + this.title + '</h3>'); 
    307307                                        jQuery('div.wrap').append('<p id=\"auth\">$loadauth</p>'); 
    308                                         jQuery('p#auth').load('index.php?import=blogger&noheader=true&authors=1',{blog:this.blog}); 
     308                                        jQuery('p#auth').load('index.php?import=blogger&amp;noheader=true&amp;authors=1',{blog:this.blog}); 
    309309                                }, 
    310310                                init: function() { 
    311311                                        this.update(); 
     
    330330                                                        jQuery(this.button).attr('value', strings.cont); 
    331331                                                } 
    332332                                        } else if ( this.mode == 'authors' ) { 
    333                                                 document.location = 'index.php?import=blogger&authors=1&blog='+this.blog; 
     333                                                document.location = 'index.php?import=blogger&amp;authors=1&amp;blog='+this.blog; 
    334334                                                //this.mode = 'authors2'; 
    335335                                                //this.getauthors(); 
    336336                                        } 
  • includes/dashboard.php

     
    3636                $update = true; 
    3737                $widget_options['dashboard_incoming_links'] = array( 
    3838                        'home' => get_option('home'), 
    39                         'link' => apply_filters( 'dashboard_incoming_links_link', 'http://blogsearch.google.com/blogsearch?hl=en&scoring=d&partner=wordpress&q=link:' . trailingslashit( get_option('home') ) ), 
    40                         'url' => isset($widget_options['dashboard_incoming_links']['url']) ? apply_filters( 'dashboard_incoming_links_feed', $widget_options['dashboard_incoming_links']['url'] ) : apply_filters( 'dashboard_incoming_links_feed', 'http://blogsearch.google.com/blogsearch_feeds?hl=en&scoring=d&ie=utf-8&num=20&output=rss&partner=wordpress&q=link:' . trailingslashit( get_option('home') ) ), 
     39                        'link' => apply_filters( 'dashboard_incoming_links_link', 'http://blogsearch.google.com/blogsearch?hl=en&amp;scoring=d&amp;partner=wordpress&amp;q=link:' . trailingslashit( get_option('home') ) ), 
     40                        'url' => isset($widget_options['dashboard_incoming_links']['url']) ? apply_filters( 'dashboard_incoming_links_feed', $widget_options['dashboard_incoming_links']['url'] ) : apply_filters( 'dashboard_incoming_links_feed', 'http://blogsearch.google.com/blogsearch_feeds?hl=en&amp;scoring=d&amp;ie=utf-8&amp;num=20&amp;output=rss&amp;partner=wordpress&amp;q=link:' . trailingslashit( get_option('home') ) ), 
    4141                        'items' => isset($widget_options['dashboard_incoming_links']['items']) ? $widget_options['dashboard_incoming_links']['items'] : 10, 
    4242                        'show_date' => isset($widget_options['dashboard_incoming_links']['show_date']) ? $widget_options['dashboard_incoming_links']['show_date'] : false 
    4343                ); 
     
    512512        $comment_post_link = "<a href='$comment_post_url'>$comment_post_title</a>"; 
    513513        $comment_link = '<a class="comment-link" href="' . get_comment_link() . '">#</a>'; 
    514514 
    515         $delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
    516         $approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); 
    517         $unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); 
    518         $spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
     515        $delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&amp;p=$comment->comment_post_ID&amp;c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
     516        $approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&amp;p=$comment->comment_post_ID&amp;c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); 
     517        $unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&amp;p=$comment->comment_post_ID&amp;c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); 
     518        $spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&amp;dt=spam&amp;p=$comment->comment_post_ID&amp;c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); 
    519519 
    520520        $actions = array(); 
    521521 
     
    802802 
    803803                $description = wp_specialchars( strip_tags(html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset'))) ); 
    804804 
    805                 $ilink = wp_nonce_url('plugin-install.php?tab=plugin-information&plugin=' . $slug, 'install-plugin_' . $slug) . 
     805                $ilink = wp_nonce_url('plugin-install.php?tab=plugin-information&amp;plugin=' . $slug, 'install-plugin_' . $slug) . 
    806806                                                        '&amp;TB_iframe=true&amp;width=600&amp;height=800'; 
    807807 
    808808                echo "<h4>$label</h4>\n";