Changeset 11104


Timestamp:
04/27/2009 11:09:08 PM (11 years ago)
Author:
ryan
Message:

Some attr escaping. see #9650

Location:
trunk
Files:
12 edited

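--- a/trunk/wp-admin/admin-ajax.php
+++ b/trunk/wp-admin/admin-ajax.php
@@ -427,5 +427,5 @@
             'what' => 'link-category',
             'id' => $cat_id,
-            'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>",
+            'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='" . attr($cat_id) . "' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>",
             'position' => -1
         ) );
@@ -1214,5 +1214,5 @@
         }
 
-        $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-'.$post->ID.'" name="found_post_id" value="'.$post->ID.'"></td>';
+        $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-'.$post->ID.'" name="found_post_id" value="' . attr($post->ID) . '"></td>';
         $html .= '<td><label for="found-'.$post->ID.'">'.wp_specialchars($post->post_title, true).'</label></td><td>'.wp_specialchars($time, true).'</td><td>'.wp_specialchars($stat, true).'</td></tr>'."\n\n";
     }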
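Review bot: On new line 429 only the `value` attribute goes through `attr()`; the same string still interpolates `$cat_id` raw into the `id` and `for` attributes and `$cat_name` raw into the label text, and new line 1216 likewise leaves `id="found-'.$post->ID.'"` unescaped next to the escaped `value`. Whether those variables are sanitized earlier is not visible, since both enclosing functions start outside these hunks, so a reader cannot tell which occurrences are safe by construction. Escaping every occurrence, or casting the ids once before the string is built (`$cat_id = (int) $cat_id;`), would make the line self-evidently safe. The attribute on line 429 is single-quoted, so it is also worth confirming that `attr()` (not defined in this changeset) encodes `'` as well as `"`.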
  • trunk/wp-admin/comment.php

    r10731 r11104  
    9191<table width="100%">
    9292<tr>
    93 <td><input type='button' class="button" value='<?php _e('No'); ?>' onclick="self.location='<?php echo admin_url('edit-comments.php'); ?>" /></td>
    94 <td class="textright"><input type='submit' class="button" value='<?php echo $button; ?>' /></td>
     93<td><input type='button' class="button" value='<?php _ea('No'); ?>' onclick="self.location='<?php echo admin_url('edit-comments.php'); ?>" /></td>
     94<td class="textright"><input type='submit' class="button" value='<?php echo attr($button); ?>' /></td>
    9595</tr>
    9696</table>
    9797
    9898<?php wp_nonce_field( $nonce_action ); ?>
    99 <input type='hidden' name='action' value='<?php echo $formaction; ?>' />
     99<input type='hidden' name='action' value='<?php echo attr($formaction); ?>' />
    100100<?php if ( 'spam' == $_GET['dt'] ) { ?>
    101101<input type='hidden' name='dt' value='spam' />
    102102<?php } ?>
    103 <input type='hidden' name='p' value='<?php echo $comment->comment_post_ID; ?>' />
    104 <input type='hidden' name='c' value='<?php echo $comment->comment_ID; ?>' />
     103<input type='hidden' name='p' value='<?php echo attr($comment->comment_post_ID); ?>' />
     104<input type='hidden' name='c' value='<?php echo attr($comment->comment_ID); ?>' />
    105105<input type='hidden' name='noredir' value='1' />
    106106</form>
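Review bot: The `onclick` handler on new line 93 is still malformed: `self.location='<?php echo admin_url('edit-comments.php'); ?>"` opens a single-quoted JavaScript string that is never closed before the attribute's closing `"`, so the handler of the 'No' button cannot parse. Since the line is being edited anyway, close the string: `onclick="self.location='<?php echo admin_url('edit-comments.php'); ?>';"`. The URL is also written into a JavaScript string nested inside an HTML attribute, a context the `attr()` calls added elsewhere in this hunk do not cover, so it deserves its own escaping if `admin_url()` output can ever contain quotes.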
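--- a/trunk/wp-admin/custom-header.php
+++ b/trunk/wp-admin/custom-header.php
@@ -285,8 +285,8 @@
 <?php if ( !defined( 'NO_HEADER_TEXT' ) ) { ?>
 <form method="post" action="<?php echo admin_url('themes.php?page=custom-header&amp;updated=true') ?>">
-<input type="button" class="button" value="<?php _e('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
-<input type="button" class="button" value="<?php _e('Select a Text Color'); ?>" id="pickcolor" /><input type="button" class="button" value="<?php _e('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
+<input type="button" class="button" value="<?php _ea('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
+<input type="button" class="button" value="<?php _ea('Select a Text Color'); ?>" id="pickcolor" /><input type="button" class="button" value="<?php _ea('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
 <?php wp_nonce_field('custom-header') ?>
-<input type="hidden" name="textcolor" id="textcolor" value="#<?php attribute_escape(header_textcolor()) ?>" /><input name="submit" type="submit" class="button" value="<?php _e('Save Changes'); ?>" /></form>
+<input type="hidden" name="textcolor" id="textcolor" value="#<?php attribute_escape(header_textcolor()) ?>" /><input name="submit" type="submit" class="button" value="<?php _ea('Save Changes'); ?>" /></form>
 <?php } ?>
 
@@ -302,5 +302,5 @@
 <?php wp_nonce_field('custom-header') ?>
 <p class="submit">
-<input type="submit" value="<?php _e('Upload'); ?>" />
+<input type="submit" value="<?php _ea('Upload'); ?>" />
 </p>
 </form>
@@ -314,5 +314,5 @@
 <form method="post" action="<?php echo attribute_escape(add_query_arg('step', 1)) ?>">
 <?php wp_nonce_field('custom-header'); ?>
-<input type="submit" class="button" name="resetheader" value="<?php _e('Restore Original Header'); ?>" />
+<input type="submit" class="button" name="resetheader" value="<?php _ea('Restore Original Header'); ?>" />
 </form>
 </div>
@@ -387,8 +387,8 @@
 <input type="hidden" name="width" id="width" />
 <input type="hidden" name="height" id="height" />
-<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo $id; ?>" />
-<input type="hidden" name="oitar" id="oitar" value="<?php echo $oitar; ?>" />
+<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo attr($id); ?>" />
+<input type="hidden" name="oitar" id="oitar" value="<?php echo attr($oitar); ?>" />
 <?php wp_nonce_field('custom-header') ?>
-<input type="submit" value="<?php _e('Crop Header'); ?>" />
+<input type="submit" value="<?php _ea('Crop Header'); ?>" />
 </p>
 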
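Review bot: New line 290 still calls `attribute_escape(header_textcolor())` with no `echo`, so the escaped return value is thrown away; line 314 of the same file shows the working form, `<?php echo attribute_escape(add_query_arg('step', 1)) ?>`. If `header_textcolor()` prints the colour itself (its definition is not part of this changeset), the value reaches the `textcolor` attribute unescaped and the wrapper has no effect. Escaping a returned value instead would fix it, for example `value="#<?php echo attr( get_header_textcolor() ); ?>"`, assuming the returning variant is available on this branch.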
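--- a/trunk/wp-admin/edit-category-form.php
+++ b/trunk/wp-admin/edit-category-form.php
@@ -45,5 +45,5 @@
 <form name="editcat" id="editcat" method="post" action="categories.php" class="validate">
 <input type="hidden" name="action" value="editedcat" />
-<input type="hidden" name="cat_ID" value="<?php echo $category->term_id ?>" />
+<input type="hidden" name="cat_ID" value="<?php echo attr($category->term_id) ?>" />
 <?php wp_original_referer_field(true, 'previous'); wp_nonce_field('update-category_' . $cat_ID); ?>
     <table class="form-table">
@@ -71,5 +71,5 @@
         </tr>
     </table>
-<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php _e('Update Category'); ?>" /></p>
+<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php _ea('Update Category'); ?>" /></p>
 <?php do_action('edit_category_form', $category); ?>
 </form>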
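--- a/trunk/wp-admin/edit-comments.php
+++ b/trunk/wp-admin/edit-comments.php
@@ -183,5 +183,5 @@
     <label class="hidden" for="comment-search-input"><?php _e( 'Search Comments' ); ?>:</label>
     <input type="text" id="comment-search-input" name="s" value="<?php _admin_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Comments' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Comments' ); ?>" class="button" />
 </p>
 
@@ -225,10 +225,10 @@
 ?>
 
-<input type="hidden" name="mode" value="<?php echo $mode; ?>" />
+<input type="hidden" name="mode" value="<?php echo attr($mode); ?>" />
 <?php if ( $post_id ) : ?>
-<input type="hidden" name="p" value="<?php echo intval( $post_id ); ?>" />
-<?php endif; ?>
-<input type="hidden" name="comment_status" value="<?php echo $comment_status; ?>" />
-<input type="hidden" name="pagegen_timestamp" value="<?php echo current_time('mysql', 1); ?>" />
+<input type="hidden" name="p" value="<?php echo attr( intval( $post_id ) ); ?>" />
+<?php endif; ?>
+<input type="hidden" name="comment_status" value="<?php echo attr($comment_status); ?>" />
+<input type="hidden" name="pagegen_timestamp" value="<?php echo attr(current_time('mysql', 1)); ?>" />
 
 <div class="tablenav">
@@ -241,7 +241,7 @@
     $page_links
 ); echo $page_links_text; ?></div>
-<input type="hidden" name="_total" value="<?php echo $total; ?>" />
-<input type="hidden" name="_per_page" value="<?php echo $comments_per_page; ?>" />
-<input type="hidden" name="_page" value="<?php echo $page; ?>" />
+<input type="hidden" name="_total" value="<?php echo attr($total); ?>" />
+<input type="hidden" name="_per_page" value="<?php echo attr($comments_per_page); ?>" />
+<input type="hidden" name="_page" value="<?php echo attr($page); ?>" />
 <?php endif; ?>
 
@@ -260,5 +260,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" name="doaction" id="doaction" value="<?php _e('Apply'); ?>" class="button-secondary apply" />
+<input type="submit" name="doaction" id="doaction" value="<?php _ea('Apply'); ?>" class="button-secondary apply" />
 <?php wp_nonce_field('bulk-comments'); ?>
 
@@ -272,5 +272,5 @@
 
     foreach ( $comment_types as $type => $label ) {
-        echo "  <option value='$type'";
+        echo "  <option value='" . attr($type) . "'";
         selected( $comment_type, $type );
         echo ">$label</option>\n";
@@ -278,8 +278,8 @@
 ?>
 </select>
-<input type="submit" id="post-query-submit" value="<?php _e('Filter'); ?>" class="button-secondary" />
+<input type="submit" id="post-query-submit" value="<?php _ea('Filter'); ?>" class="button-secondary" />
 
 <?php if ( isset($_GET['apage']) ) { ?>
-    <input type="hidden" name="apage" value="<?php echo absint( $_GET['apage'] ); ?>" />
+    <input type="hidden" name="apage" value="<?php echo attr( absint( $_GET['apage'] ) ); ?>" />
 <?php }
 
@@ -287,5 +287,5 @@
     wp_nonce_field('bulk-spam-delete', '_spam_nonce');
         if ( current_user_can ('moderate_comments')) { ?>
-        <input type="submit" name="delete_all_spam" value="<?php _e('Delete All Spam'); ?>" class="button-secondary apply" />
+        <input type="submit" name="delete_all_spam" value="<?php _ea('Delete All Spam'); ?>" class="button-secondary apply" />
 <?php   }
 } ?>
@@ -347,8 +347,8 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" name="doaction2" id="doaction2" value="<?php _e('Apply'); ?>" class="button-secondary apply" />
+<input type="submit" name="doaction2" id="doaction2" value="<?php _ea('Apply'); ?>" class="button-secondary apply" />
 
 <?php if ( 'spam' == $comment_status ) { ?>
-<input type="submit" name="delete_all_spam2" value="<?php _e('Delete All Spam'); ?>" class="button-secondary apply" />
+<input type="submit" name="delete_all_spam2" value="<?php _ea('Delete All Spam'); ?>" class="button-secondary apply" />
 <?php } ?>
 <?php do_action('manage_comments_nav', $comment_status); ?>
@@ -361,7 +361,7 @@
 
 <form id="get-extra-comments" method="post" action="" class="add:the-extra-comment-list:" style="display: none;">
-    <input type="hidden" name="s" value="<?php echo $search; ?>" />
-    <input type="hidden" name="mode" value="<?php echo $mode; ?>" />
-    <input type="hidden" name="comment_status" value="<?php echo $comment_status; ?>" />
+    <input type="hidden" name="s" value="<?php echo attr($search); ?>" />
+    <input type="hidden" name="mode" value="<?php echo attr($mode); ?>" />
+    <input type="hidden" name="comment_status" value="<?php echo attr($comment_status); ?>" />
     <input type="hidden" name="page" value="<?php echo isset($_REQUEST['page']) ? absint( $_REQUEST['page'] ) : 1; ?>" />
     <input type="hidden" name="p" value="<?php echo attribute_escape( $post_id ); ?>" />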
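Review bot: In the `foreach ( $comment_types as $type => $label )` loop, new line 274 escapes `$type` for the `value` attribute, but line 276 still prints `$label` straight into the element body with `echo ">$label</option>\n";`. `$comment_types` is built outside the hunk, so whether the labels can carry markup is not visible here; escaping them for HTML text, for instance `echo '>' . wp_specialchars( $label ) . "</option>\n";`, would close the gap in the same loop. Separately, the section now mixes `attr()` with the older `attribute_escape( $post_id )` on line 367, and wraps values already reduced to integers (`attr( intval( $post_id ) )`, `attr( absint( $_GET['apage'] ) )`); settling on one helper and dropping the redundant wrapper would make the intent easier to audit.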
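--- a/trunk/wp-admin/edit-form-advanced.php
+++ b/trunk/wp-admin/edit-form-advanced.php
@@ -34,9 +34,9 @@
     $form_action = 'post';
     $temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post()
-    $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
+    $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='" . attr($temp_ID) . "' />";
     $autosave = false;
 } else {
     $form_action = 'editpost';
-    $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
+    $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='" . attr($post_ID) . "' />";
     $autosave = wp_get_post_autosave( $post_ID );
 
@@ -73,5 +73,5 @@
 <?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key ?>
 <div style="display:none;">
-<input type="submit" name="save" value="<?php echo attribute_escape( __('Save') ); ?>" />
+<input type="submit" name="save" value="<?php _ea('Save'); ?>" />
 </div>
 
@@ -79,7 +79,7 @@
 <div id="save-action">
 <?php if ( 'publish' != $post->post_status && 'future' != $post->post_status && 'pending' != $post->post_status )  { ?>
-<input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php echo attribute_escape( __('Save Draft') ); ?>" tabindex="4" class="button button-highlighted" />
+<input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php _ea('Save Draft'); ?>" tabindex="4" class="button button-highlighted" />
 <?php } elseif ( 'pending' == $post->post_status && $can_publish ) { ?>
-<input type="submit" name="save" id="save-post" value="<?php echo attribute_escape( __('Save as Pending') ); ?>" tabindex="4" class="button button-highlighted" />
+<input type="submit" name="save" id="save-post" value="<?php _ea('Save as Pending'); ?>" tabindex="4" class="button button-highlighted" />
 <?php } ?>
 </div>
@@ -130,5 +130,5 @@
 
 <div id="post-status-select" class="hide-if-js">
-<input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo $post->post_status; ?>" />
+<input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo attr($post->post_status); ?>" />
 <select name='post_status' id='post_status' tabindex='4'>
 <?php if ( 'publish' == $post->post_status ) : ?>
@@ -239,17 +239,17 @@
 <?php if ( current_user_can('publish_posts') ) : ?>
     <?php if ( !empty($post->post_date_gmt) && time() < strtotime( $post->post_date_gmt . ' +0000' ) ) : ?>
-        <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Schedule') ?>" />
-        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Schedule') ?>" />
+        <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Schedule') ?>" />
+        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Schedule') ?>" />
     <?php else : ?>
-        <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Publish') ?>" />
-        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" />
+        <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Publish') ?>" />
+        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Publish') ?>" />
     <?php endif; ?>
 <?php else : ?>
-    <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Submit for Review') ?>" />
-    <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Submit for Review') ?>" />
+    <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Submit for Review') ?>" />
+    <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Submit for Review') ?>" />
 <?php endif; ?>
 <?php } else { ?>
-    <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Update Post') ?>" />
-    <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Update Post') ?>" />
+    <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Update Post') ?>" />
+    <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Update Post') ?>" />
 <?php } ?>
 </div>
@@ -277,9 +277,9 @@
     <p class="jaxtag">
         <label class="hidden" for="newtag"><?php _e( $box['title'] ); ?></label>
-        <input type="hidden" name="<?php echo "tax_input[$tax_name]"; ?>" class="the-tags" id="tax-input[<?php echo $tax_name; ?>]" value="<?php echo get_terms_to_edit( $post->ID, $tax_name ); ?>" />
+        <input type="hidden" name="<?php echo "tax_input[$tax_name]"; ?>" class="the-tags" id="tax-input[<?php echo $tax_name; ?>]" value="<?php echo attr(get_terms_to_edit( $post->ID, $tax_name )); ?>" />
 
     <span class="ajaxtag">
-        <input type="text" name="newtag[<?php echo $tax_name; ?>]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php _e('Add new tag'); ?>" />
-        <input type="button" class="button tagadd" value="<?php _e('Add'); ?>" tabindex="3" />
+        <input type="text" name="newtag[<?php echo $tax_name; ?>]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php _ea('Add new tag'); ?>" />
+        <input type="button" class="button tagadd" value="<?php _ea('Add'); ?>" tabindex="3" />
     </span></p>
     <p class="howto"><?php echo $helps; ?></p>
@@ -330,7 +330,7 @@
     <h4><a id="category-add-toggle" href="#category-add" class="hide-if-no-js" tabindex="3"><?php _e( '+ Add New Category' ); ?></a></h4>
     <p id="category-add" class="wp-hidden-child">
-        <label class="hidden" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _e( 'New category name' ); ?>" tabindex="3" aria-required="true"/>
+        <label class="hidden" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _ea( 'New category name' ); ?>" tabindex="3" aria-required="true"/>
         <label class="hidden" for="newcat_parent"><?php _e('Parent category'); ?>:</label><?php wp_dropdown_categories( array( 'hide_empty' => 0, 'name' => 'newcat_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => __('Parent category'), 'tab_index' => 3 ) ); ?>
-        <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php _e( 'Add' ); ?>" tabindex="3" />
+        <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php _ea( 'Add' ); ?>" tabindex="3" />
         <?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?>
         <span id="category-ajax-response"></span>
@@ -573,9 +573,9 @@
 
 <input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID ?>" />
-<input type="hidden" id="hiddenaction" name="action" value="<?php echo $form_action ?>" />
-<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
+<input type="hidden" id="hiddenaction" name="action" value="<?php echo attr($form_action) ?>" />
+<input type="hidden" id="originalaction" name="originalaction" value="<?php echo attr($form_action) ?>" />
 <input type="hidden" id="post_author" name="post_author" value="<?php echo attribute_escape( $post->post_author ); ?>" />
-<input type="hidden" id="post_type" name="post_type" value="<?php echo $post->post_type ?>" />
-<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo $post->post_status ?>" />
+<input type="hidden" id="post_type" name="post_type" value="<?php echo attr($post->post_type) ?>" />
+<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo attr($post->post_status) ?>" />
 <input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" />
 <?php if ( 'draft' != $post->post_status ) wp_original_referer_field(true, 'previous'); ?>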
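Review bot: On new line 279 the `value` is now escaped, but `$tax_name` is still echoed raw into the `name` and `id` attributes of the same tag, and again into `name="newtag[<?php echo $tax_name; ?>]"` on line 282. Where `$tax_name` is assigned lies outside this hunk, so it may well be a registered taxonomy slug, but nothing visible guarantees that, and a half-escaped tag is harder to audit than a fully escaped one. Routing it through the same helper, e.g. `name="tax_input[<?php echo attr($tax_name); ?>]"` and `id="tax-input[<?php echo attr($tax_name); ?>]"`, keeps the tag consistent. The unescaped `<?php echo $helps; ?>` on line 285 is text content rather than an attribute and should be checked separately.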
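--- a/trunk/wp-admin/edit-form-comment.php
+++ b/trunk/wp-admin/edit-form-comment.php
@@ -13,5 +13,5 @@
 $toprow_title = sprintf(__('Editing Comment # %s'), $comment->comment_ID);
 $form_action = 'editedcomment';
-$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='" . $comment->comment_post_ID;
+$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . attr($comment->comment_ID) . "' />\n<input type='hidden' name='comment_post_ID' value='" . attr($comment->comment_post_ID);
 ?>
 
@@ -73,5 +73,5 @@
 </div>
 <div id="publishing-action">
-<input type="submit" name="save" value="<?php _e('Update Comment'); ?>" tabindex="4" class="button-primary" />
+<input type="submit" name="save" value="<?php _ea('Update Comment'); ?>" tabindex="4" class="button-primary" />
 </div>
 <div class="clear"></div>
@@ -102,5 +102,5 @@
         }
 ?></td>
-    <td><input type="text" name="newcomment_author_email" size="30" value="<?php echo $email; ?>" tabindex="2" id="email" /></td>
+    <td><input type="text" name="newcomment_author_email" size="30" value="<?php echo attr($email); ?>" tabindex="2" id="email" /></td>
 </tr>
 <tr valign="top">
@@ -114,5 +114,5 @@
             _e( 'URL:' );
         } ?></td>
-    <td><input type="text" id="newcomment_author_url" name="newcomment_author_url" size="30" class="code" value="<?php echo $url; ?>" tabindex="3" /></td>
+    <td><input type="text" id="newcomment_author_url" name="newcomment_author_url" size="30" class="code" value="<?php echo attr($url); ?>" tabindex="3" /></td>
 </tr>
 </tbody>
@@ -129,6 +129,6 @@
 <?php do_meta_boxes('comment', 'normal', $comment); ?>
 
-<input type="hidden" name="c" value="<?php echo $comment->comment_ID ?>" />
-<input type="hidden" name="p" value="<?php echo $comment->comment_post_ID ?>" />
+<input type="hidden" name="c" value="<?php echo attr($comment->comment_ID) ?>" />
+<input type="hidden" name="p" value="<?php echo attr($comment->comment_post_ID) ?>" />
 <input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" />
 <?php wp_original_referer_field(true, 'previous'); ?>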
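Review bot: The `$form_extra` string on new line 15 is an undocumented markup fragment: it begins by closing an attribute and tag it did not open (`' />`) and ends inside an unterminated `value='`, so it is only well-formed if whatever prints it supplies the surrounding quote and tag. That consumer is not in this changeset, and the escaping added here is only correct while that contract holds and while `attr()` encodes single quotes, since every attribute in the fragment is single-quoted. A comment above the assignment would record the contract, for example `// Printed inside an already-open value='...' attribute: must start with "' />" and leave the final value=' open.`; building two complete `<input>` tags would remove the dependency altogether.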
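--- a/trunk/wp-admin/edit-link-categories.php
+++ b/trunk/wp-admin/edit-link-categories.php
@@ -76,5 +76,5 @@
     <label class="hidden" for="link-category-search-input"><?php _e( 'Search Categories' ); ?>:</label>
     <input type="text" id="link-category-search-input" name="s" value="<?php _admin_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Categories' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Categories' ); ?>" class="button" />
 </p>
 </form>
@@ -113,5 +113,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 <?php wp_nonce_field('bulk-link-categories'); ?>
 </div>
@@ -167,5 +167,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 </div>
 
@@ -212,5 +212,5 @@
 </div>
 
-<p class="submit"><input type="submit" class="button" name="submit" value="<?php _e('Add Category'); ?>" /></p>
+<p class="submit"><input type="submit" class="button" name="submit" value="<?php _ea('Add Category'); ?>" /></p>
 <?php do_action('edit_link_category_form', $category); ?>
 </form>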
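--- a/trunk/wp-admin/edit-link-category-form.php
+++ b/trunk/wp-admin/edit-link-category-form.php
@@ -58,11 +58,11 @@
 <div id="ajax-response"></div>
 <?php echo $form ?>
-<input type="hidden" name="action" value="<?php echo $action ?>" />
-<input type="hidden" name="cat_ID" value="<?php echo $category->term_id ?>" />
+<input type="hidden" name="action" value="<?php echo attr($action) ?>" />
+<input type="hidden" name="cat_ID" value="<?php echo attr($category->term_id) ?>" />
 <?php wp_original_referer_field(true, 'previous'); wp_nonce_field($nonce_action); ?>
     <table class="form-table">
         <tr class="form-field form-required">
             <th scope="row" valign="top"><label for="name"><?php _e('Link Category name') ?></label></th>
-            <td><input name="name" id="name" type="text" value="<?php echo $category->name; ?>" size="40" aria-required="true" /></td>
+            <td><input name="name" id="name" type="text" value="<?php echo attr($category->name); ?>" size="40" aria-required="true" /></td>
         </tr>
         <tr class="form-field">
@@ -76,5 +76,5 @@
         </tr>
     </table>
-<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php echo $submit_text ?>" /></p>
+<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php echo attr($submit_text) ?>" /></p>
 <?php do_action('edit_link_category_form', $category); ?>
 </form>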
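--- a/trunk/wp-admin/edit-link-form.php
+++ b/trunk/wp-admin/edit-link-form.php
@@ -61,5 +61,5 @@
 <?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key ?>
 <div style="display:none;">
-<input type="submit" name="save" value="<?php echo attribute_escape( __('Save') ); ?>" />
+<input type="submit" name="save" value="<?php _ea('Save'); ?>" />
 </div>
 
@@ -92,7 +92,7 @@
 <div id="publishing-action">
 <?php if ( !empty($link->link_id) ) { ?>
-    <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _e('Update Link') ?>" />
+    <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _ea('Update Link') ?>" />
 <?php } else { ?>
-    <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _e('Add Link') ?>" />
+    <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _ea('Add Link') ?>" />
 <?php } ?>
 </div>
@@ -140,6 +140,6 @@
     <p id="link-category-add" class="wp-hidden-child">
         <label class="hidden" for="newcat"><?php _e( '+ Add New Category' ); ?></label>
-        <input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _e( 'New category name' ); ?>" aria-required="true" />
-        <input type="button" id="category-add-submit" class="add:categorychecklist:linkcategorydiv button" value="<?php _e( 'Add' ); ?>" />
+        <input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _ea( 'New category name' ); ?>" aria-required="true" />
+        <input type="button" id="category-add-submit" class="add:categorychecklist:linkcategorydiv button" value="<?php _ea( 'Add' ); ?>" />
         <?php wp_nonce_field( 'add-link-category', '_ajax_nonce', false ); ?>
         <span id="category-ajax-response"></span>
@@ -186,5 +186,5 @@
     <tr>
         <th style="width: 20%;" scope="row"><label for="link_rel"><?php /* translators: xfn: http://gmpg.org/xfn/ */ _e('rel:') ?></label></th>
-        <td style="width: 80%;"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo ( isset( $link->link_rel ) ? $link->link_rel : ''); ?>" /></td>
+        <td style="width: 80%;"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo ( isset( $link->link_rel ) ? attr($link->link_rel) : ''); ?>" /></td>
     </tr>
     <tr>
@@ -306,9 +306,9 @@
     <tr class="form-field">
         <th valign="top"  scope="row"><label for="link_image"><?php _e('Image Address') ?></label></th>
-        <td><input type="text" name="link_image" class="code" id="link_image" size="50" value="<?php echo ( isset( $link->link_image ) ? $link->link_image : ''); ?>" style="width: 95%" /></td>
+        <td><input type="text" name="link_image" class="code" id="link_image" size="50" value="<?php echo ( isset( $link->link_image ) ? attr($link->link_image) : ''); ?>" style="width: 95%" /></td>
     </tr>
     <tr class="form-field">
         <th valign="top"  scope="row"><label for="rss_uri"><?php _e('RSS Address') ?></label></th>
-        <td><input name="link_rss" class="code" type="text" id="rss_uri" value="<?php echo  ( isset( $link->link_rss ) ? $link->link_rss : ''); ?>" size="50" style="width: 95%" /></td>
+        <td><input name="link_rss" class="code" type="text" id="rss_uri" value="<?php echo  ( isset( $link->link_rss ) ? attr($link->link_rss) : ''); ?>" size="50" style="width: 95%" /></td>
     </tr>
     <tr class="form-field">
@@ -321,5 +321,5 @@
         <?php
             for ($r = 0; $r < 10; $r++) {
-                echo('            <option value="'.$r.'" ');
+                echo('            <option value="'. attr($r) .'" ');
                 if ( isset($link->link_rating) && $link->link_rating == $r)
                     echo 'selected="selected"';
@@ -375,5 +375,5 @@
 <h3><label for="link_name"><?php _e('Name') ?></label></h3>
 <div class="inside">
-    <input type="text" name="link_name" size="30" tabindex="1" value="<?php echo $link->link_name; ?>" id="link_name" />
+    <input type="text" name="link_name" size="30" tabindex="1" value="<?php echo attr($link->link_name); ?>" id="link_name" />
     <p><?php _e('Example: Nifty blogging software'); ?></p>
 </div>
@@ -383,5 +383,5 @@
 <h3><label for="link_url"><?php _e('Web Address') ?></label></h3>
 <div class="inside">
-    <input type="text" name="link_url" size="30" class="code" tabindex="1" value="<?php echo $link->link_url; ?>" id="link_url" />
+    <input type="text" name="link_url" size="30" class="code" tabindex="1" value="<?php echo attr($link->link_url); ?>" id="link_url" />
     <p><?php _e('Example: <code>http://wordpress.org/</code> &#8212; don&#8217;t forget the <code>http://</code>'); ?></p>
 </div>
@@ -391,5 +391,5 @@
 <h3><label for="link_description"><?php _e('Description') ?></label></h3>
 <div class="inside">
-    <input type="text" name="link_description" size="30" tabindex="1" value="<?php echo isset($link->link_description) ? $link->link_description : ''; ?>" id="link_description" />
+    <input type="text" name="link_description" size="30" tabindex="1" value="<?php echo isset($link->link_description) ? attr($link->link_description) : ''; ?>" id="link_description" />
     <p><?php _e('This will be shown when someone hovers over the link in the blogroll, or optionally below the link.'); ?></p>
 </div>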
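Review bot: New lines 377 and 385 read `$link->link_name` and `$link->link_url` with no `isset()` guard, while the other fields touched in this file (lines 188, 308, 312 and 393) all use `isset( ... ) ? attr( ... ) : ''`. The `!empty($link->link_id)` test on line 93 suggests the form is also rendered for a new link, where those properties may be unset; how `$link` is initialised is outside these hunks. Matching the guarded form, e.g. `value="<?php echo isset($link->link_name) ? attr($link->link_name) : ''; ?>"`, would make the fields consistent. The `attr($r)` on line 323 wraps a loop counter that is always 0 to 9, which is harmless but adds noise to an escaping audit.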
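--- a/trunk/wp-admin/edit-page-form.php
+++ b/trunk/wp-admin/edit-page-form.php
@@ -68,5 +68,5 @@
 <?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key ?>
 <div style="display:none;">
-<input type="submit" name="save" value="<?php echo attribute_escape( __('Save') ); ?>" />
+<input type="submit" name="save" value="<?php _ea('Save'); ?>" />
 </div>
 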
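--- a/trunk/wp-login.php
+++ b/trunk/wp-login.php
@@ -311,5 +311,5 @@
     </p>
 <?php do_action('lostpassword_form'); ?>
-    <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Get New Password'); ?>" tabindex="100" /></p>
+    <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _ea('Get New Password'); ?>" tabindex="100" /></p>
 </form>
 
@@ -383,5 +383,5 @@
 <?php do_action('register_form'); ?>
     <p id="reg_passmail"><?php _e('A password will be e-mailed to you.') ?></p>
-    <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Register'); ?>" tabindex="100" /></p>
+    <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _ea('Register'); ?>" tabindex="100" /></p>
 </form>
 
@@ -468,5 +468,5 @@
     <p>
         <label><?php _e('Username') ?><br />
-        <input type="text" name="log" id="user_login" class="input" value="<?php echo $user_login; ?>" size="20" tabindex="10" /></label>
+        <input type="text" name="log" id="user_login" class="input" value="<?php echo attr($user_login); ?>" size="20" tabindex="10" /></label>
     </p>
     <p>
@@ -475,7 +475,7 @@
     </p>
 <?php do_action('login_form'); ?>
-    <p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _e('Remember Me'); ?></label></p>
+    <p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _ea('Remember Me'); ?></label></p>
     <p class="submit">
-        <input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Log In'); ?>" tabindex="100" />
+        <input type="submit" name="wp-submit" id="wp-submit" value="<?php _ea('Log In'); ?>" tabindex="100" />
         <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($redirect_to); ?>" />
         <input type="hidden" name="testcookie" value="1" />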
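Review bot: On new line 477 `_ea('Remember Me')` is applied to the visible text of a `<label>`, not to an attribute value; every other label in this changeset, such as `<?php _e('Username') ?>` on line 469, keeps `_e()`. Attribute escaping in a text node is unlikely to cause harm, but it looks like an over-eager search-and-replace and blurs the rule that `_ea()` marks attribute contexts. Reverting that one call to `<?php _e('Remember Me'); ?>` keeps the convention readable. Line 480 still uses `attribute_escape($redirect_to)` beside the new `attr($user_login)`; using one helper name throughout the form would make later audits simpler.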