Make WordPress Core


Ignore:
Timestamp:
04/27/2009 11:09:08 PM (16 years ago)
Author:
ryan
Message:

Some attr escaping. see #9650

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-link-form.php

    r10995 r11104  
    6161<?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key ?>
    6262<div style="display:none;">
    63 <input type="submit" name="save" value="<?php echo attribute_escape( __('Save') ); ?>" />
     63<input type="submit" name="save" value="<?php _ea('Save'); ?>" />
    6464</div>
    6565
     
    9292<div id="publishing-action">
    9393<?php if ( !empty($link->link_id) ) { ?>
    94     <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _e('Update Link') ?>" />
     94    <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _ea('Update Link') ?>" />
    9595<?php } else { ?>
    96     <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _e('Add Link') ?>" />
     96    <input name="save" type="submit" class="button-primary" id="publish" tabindex="4" accesskey="p" value="<?php _ea('Add Link') ?>" />
    9797<?php } ?>
    9898</div>
     
    140140    <p id="link-category-add" class="wp-hidden-child">
    141141        <label class="hidden" for="newcat"><?php _e( '+ Add New Category' ); ?></label>
    142         <input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _e( 'New category name' ); ?>" aria-required="true" />
    143         <input type="button" id="category-add-submit" class="add:categorychecklist:linkcategorydiv button" value="<?php _e( 'Add' ); ?>" />
     142        <input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _ea( 'New category name' ); ?>" aria-required="true" />
     143        <input type="button" id="category-add-submit" class="add:categorychecklist:linkcategorydiv button" value="<?php _ea( 'Add' ); ?>" />
    144144        <?php wp_nonce_field( 'add-link-category', '_ajax_nonce', false ); ?>
    145145        <span id="category-ajax-response"></span>
     
    186186    <tr>
    187187        <th style="width: 20%;" scope="row"><label for="link_rel"><?php /* translators: xfn: http://gmpg.org/xfn/ */ _e('rel:') ?></label></th>
    188         <td style="width: 80%;"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo ( isset( $link->link_rel ) ? $link->link_rel : ''); ?>" /></td>
     188        <td style="width: 80%;"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo ( isset( $link->link_rel ) ? attr($link->link_rel) : ''); ?>" /></td>
    189189    </tr>
    190190    <tr>
     
    306306    <tr class="form-field">
    307307        <th valign="top"  scope="row"><label for="link_image"><?php _e('Image Address') ?></label></th>
    308         <td><input type="text" name="link_image" class="code" id="link_image" size="50" value="<?php echo ( isset( $link->link_image ) ? $link->link_image : ''); ?>" style="width: 95%" /></td>
     308        <td><input type="text" name="link_image" class="code" id="link_image" size="50" value="<?php echo ( isset( $link->link_image ) ? attr($link->link_image) : ''); ?>" style="width: 95%" /></td>
    309309    </tr>
    310310    <tr class="form-field">
    311311        <th valign="top"  scope="row"><label for="rss_uri"><?php _e('RSS Address') ?></label></th>
    312         <td><input name="link_rss" class="code" type="text" id="rss_uri" value="<?php echo  ( isset( $link->link_rss ) ? $link->link_rss : ''); ?>" size="50" style="width: 95%" /></td>
     312        <td><input name="link_rss" class="code" type="text" id="rss_uri" value="<?php echo  ( isset( $link->link_rss ) ? attr($link->link_rss) : ''); ?>" size="50" style="width: 95%" /></td>
    313313    </tr>
    314314    <tr class="form-field">
     
    321321        <?php
    322322            for ($r = 0; $r < 10; $r++) {
    323                 echo('            <option value="'.$r.'" ');
     323                echo('            <option value="'. attr($r) .'" ');
    324324                if ( isset($link->link_rating) && $link->link_rating == $r)
    325325                    echo 'selected="selected"';
     
    375375<h3><label for="link_name"><?php _e('Name') ?></label></h3>
    376376<div class="inside">
    377     <input type="text" name="link_name" size="30" tabindex="1" value="<?php echo $link->link_name; ?>" id="link_name" />
     377    <input type="text" name="link_name" size="30" tabindex="1" value="<?php echo attr($link->link_name); ?>" id="link_name" />
    378378    <p><?php _e('Example: Nifty blogging software'); ?></p>
    379379</div>
     
    383383<h3><label for="link_url"><?php _e('Web Address') ?></label></h3>
    384384<div class="inside">
    385     <input type="text" name="link_url" size="30" class="code" tabindex="1" value="<?php echo $link->link_url; ?>" id="link_url" />
     385    <input type="text" name="link_url" size="30" class="code" tabindex="1" value="<?php echo attr($link->link_url); ?>" id="link_url" />
    386386    <p><?php _e('Example: <code>http://wordpress.org/</code> &#8212; don&#8217;t forget the <code>http://</code>'); ?></p>
    387387</div>
     
    391391<h3><label for="link_description"><?php _e('Description') ?></label></h3>
    392392<div class="inside">
    393     <input type="text" name="link_description" size="30" tabindex="1" value="<?php echo isset($link->link_description) ? $link->link_description : ''; ?>" id="link_description" />
     393    <input type="text" name="link_description" size="30" tabindex="1" value="<?php echo isset($link->link_description) ? attr($link->link_description) : ''; ?>" id="link_description" />
    394394    <p><?php _e('This will be shown when someone hovers over the link in the blogroll, or optionally below the link.'); ?></p>
    395395</div>
Note: See TracChangeset for help on using the changeset viewer.