Changeset 11109 for trunk/wp-admin/includes/media.php
- Timestamp:
- 04/28/2009 05:58:45 AM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/includes/media.php
r11052 r11109 79 79 $href = add_query_arg(array('tab'=>$callback, 's'=>false, 'paged'=>false, 'post_mime_type'=>false, 'm'=>false)); 80 80 $link = "<a href='" . clean_url($href) . "'$class>$text</a>"; 81 echo "\t<li id='" . attr ibute_escape("tab-$callback") . "'>$link</li>\n";81 echo "\t<li id='" . attr("tab-$callback") . "'>$link</li>\n"; 82 82 } 83 83 echo "</ul>\n"; … … 105 105 $html = get_image_tag($id, $htmlalt, $title, $align, $size); 106 106 107 $rel = $rel ? ' rel="attachment wp-att-'.attr ibute_escape($id).'"' : '';107 $rel = $rel ? ' rel="attachment wp-att-'.attr($id).'"' : ''; 108 108 109 109 if ( $url ) … … 425 425 if ( !empty($attachment['url']) ) { 426 426 if ( strpos($attachment['url'], 'attachment_id') || false !== strpos($attachment['url'], get_permalink($_POST['post_id'])) ) 427 $rel = " rel='attachment wp-att-".attr ibute_escape($send_id)."'";427 $rel = " rel='attachment wp-att-".attr($send_id)."'"; 428 428 $html = "<a href='{$attachment['url']}'$rel>$html</a>"; 429 429 } … … 460 460 if ( !empty($src) && !strpos($src, '://') ) 461 461 $src = "http://$src"; 462 $alt = attr ibute_escape($_POST['insertonly']['alt']);462 $alt = attr($_POST['insertonly']['alt']); 463 463 if ( isset($_POST['insertonly']['align']) ) { 464 $align = attr ibute_escape($_POST['insertonly']['align']);464 $align = attr($_POST['insertonly']['align']); 465 465 $class = " class='align$align'"; 466 466 } … … 554 554 if ( !empty($href) && !strpos($href, '://') ) 555 555 $href = "http://$href"; 556 $title = attr ibute_escape($_POST['insertonly']['title']);556 $title = attr($_POST['insertonly']['title']); 557 557 if ( empty($title) ) 558 558 $title = basename($href); … … 608 608 if ( !empty($href) && !strpos($href, '://') ) 609 609 $href = "http://$href"; 610 $title = attr ibute_escape($_POST['insertonly']['title']);610 $title = attr($_POST['insertonly']['title']); 611 611 if ( empty($title) ) 612 612 $title = basename($href); … … 662 662 if ( !empty($href) && !strpos($href, '://') ) 663 663 $href = "http://$href"; 664 $title = attr ibute_escape($_POST['insertonly']['title']);664 $title = attr($_POST['insertonly']['title']); 665 665 if ( empty($title) ) 666 666 $title = basename($href); … … 826 826 $url = $link; 827 827 828 return "<input type='text' class='urlfield' name='attachments[$post->ID][url]' value='" . attr ibute_escape($url) . "' /><br />828 return "<input type='text' class='urlfield' name='attachments[$post->ID][url]' value='" . attr($url) . "' /><br /> 829 829 <button type='button' class='button urlnone' title=''>" . __('None') . "</button> 830 <button type='button' class='button urlfile' title='" . attr ibute_escape($file) . "'>" . __('File URL') . "</button>831 <button type='button' class='button urlpost' title='" . attr ibute_escape($link) . "'>" . __('Post URL') . "</button>830 <button type='button' class='button urlfile' title='" . attr($file) . "'>" . __('File URL') . "</button> 831 <button type='button' class='button urlpost' title='" . attr($link) . "'>" . __('Post URL') . "</button> 832 832 "; 833 833 } … … 989 989 'label' => __('File URL'), 990 990 'input' => 'html', 991 'html' => "<input type='text' class='urlfield' readonly='readonly' name='attachments[$post->ID][url]' value='" . attr ibute_escape($image_url) . "' /><br />",991 'html' => "<input type='text' class='urlfield' readonly='readonly' name='attachments[$post->ID][url]' value='" . attr($image_url) . "' /><br />", 992 992 'value' => isset($edit_post->post_url) ? $edit_post->post_url : '', 993 993 'helps' => __('Location of the uploaded file.'), … … 1086 1086 1087 1087 $filename = basename($post->guid); 1088 $title = attr ibute_escape($post->post_title);1088 $title = attr($post->post_title); 1089 1089 1090 1090 if ( $_tags = get_the_tags($attachment_id) ) { 1091 1091 foreach ( $_tags as $tag ) 1092 1092 $tags[] = $tag->name; 1093 $tags = attr ibute_escape(join(', ', $tags));1093 $tags = attr(join(', ', $tags)); 1094 1094 } 1095 1095 … … 1098 1098 $keys = array_keys(wp_match_mime_types(array_keys($post_mime_types), $post->post_mime_type)); 1099 1099 $type = array_shift($keys); 1100 $type = "<input type='hidden' id='type-of-$attachment_id' value='" . attr ibute_escape( $type ) . "' />";1100 $type = "<input type='hidden' id='type-of-$attachment_id' value='" . attr( $type ) . "' />"; 1101 1101 } 1102 1102 … … 1157 1157 $delete_href = wp_nonce_url("post.php?action=delete-post&post=$attachment_id", 'delete-post_' . $attachment_id); 1158 1158 if ( $send ) 1159 $send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . attr ibute_escape( __( 'Insert into Post' ) ) . "' />";1159 $send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . attr( __( 'Insert into Post' ) ) . "' />"; 1160 1160 if ( $delete ) 1161 1161 $delete = "<a href=\"#\" class=\"del-link\" onclick=\"document.getElementById('del_attachment_$attachment_id').style.display='block';return false;\">" . __('Delete') . "</a>"; … … 1195 1195 $item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . wp_specialchars( $field['value'] ) . "</textarea>"; 1196 1196 } else { 1197 $item .= "<input type='text' id='$name' name='$name' value='" . attr ibute_escape( $field['value'] ) . "'" . $aria_required . "/>";1197 $item .= "<input type='text' id='$name' name='$name' value='" . attr( $field['value'] ) . "'" . $aria_required . "/>"; 1198 1198 } 1199 1199 if ( !empty($field['helps']) ) … … 1223 1223 1224 1224 foreach ( $hidden_fields as $name => $value ) 1225 $item .= "\t<input type='hidden' name='$name' id='$name' value='" . attr ibute_escape( $value ) . "' />\n";1225 $item .= "\t<input type='hidden' name='$name' id='$name' value='" . attr( $value ) . "' />\n"; 1226 1226 1227 1227 if ( $post->post_parent < 1 && isset($_REQUEST['post_id']) ) { … … 1304 1304 button_image_url: '<?php echo includes_url('images/upload.png'); ?>', 1305 1305 button_placeholder_id: "flash-browse-button", 1306 upload_url : "<?php echo attr ibute_escape( $flash_action_url ); ?>",1306 upload_url : "<?php echo attr( $flash_action_url ); ?>", 1307 1307 flash_url : "<?php echo includes_url('js/swfupload/swfupload.swf'); ?>", 1308 1308 file_post_name: "async-upload", … … 1351 1351 <?php do_action('pre-html-upload-ui'); ?> 1352 1352 <p id="async-upload-wrap"> 1353 <input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attr ibute_escape(__('Upload')); ?>" /> <a href="#" onclick="return top.tb_remove();"><?php _e('Cancel'); ?></a>1353 <input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attr(__('Upload')); ?>" /> <a href="#" onclick="return top.tb_remove();"><?php _e('Cancel'); ?></a> 1354 1354 </p> 1355 1355 <div class="clear"></div> … … 1381 1381 ?> 1382 1382 1383 <form enctype="multipart/form-data" method="post" action="<?php echo attr ibute_escape($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">1383 <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form"> 1384 1384 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> 1385 1385 <?php wp_nonce_field('media-form'); ?> … … 1413 1413 ?> 1414 1414 </div> 1415 <input type="submit" class="button savebutton" name="save" value="<?php echo attr ibute_escape( __( 'Save all changes' ) ); ?>" />1415 <input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" /> 1416 1416 <?php 1417 1417 } … … 1437 1437 ?> 1438 1438 1439 <form enctype="multipart/form-data" method="post" action="<?php echo attr ibute_escape($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">1439 <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form"> 1440 1440 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> 1441 1441 <?php wp_nonce_field('media-form'); ?> … … 1571 1571 <a href="#" id="clear"><?php _e('Clear'); ?></a> 1572 1572 </div> 1573 <form enctype="multipart/form-data" method="post" action="<?php echo attr ibute_escape($form_action_url); ?>" class="media-upload-form validate" id="gallery-form">1573 <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form validate" id="gallery-form"> 1574 1574 <?php wp_nonce_field('media-form'); ?> 1575 1575 <?php //media_upload_form( $errors ); ?> … … 1586 1586 1587 1587 <p class="ml-submit"> 1588 <input type="submit" class="button savebutton" style="display:none;" name="save" id="save-all" value="<?php echo attr ibute_escape( __( 'Save all changes' ) ); ?>" />1588 <input type="submit" class="button savebutton" style="display:none;" name="save" id="save-all" value="<?php echo attr( __( 'Save all changes' ) ); ?>" /> 1589 1589 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> 1590 <input type="hidden" name="type" value="<?php echo attr ibute_escape( $GLOBALS['type'] ); ?>" />1591 <input type="hidden" name="tab" value="<?php echo attr ibute_escape( $GLOBALS['tab'] ); ?>" />1590 <input type="hidden" name="type" value="<?php echo attr( $GLOBALS['type'] ); ?>" /> 1591 <input type="hidden" name="tab" value="<?php echo attr( $GLOBALS['tab'] ); ?>" /> 1592 1592 </p> 1593 1593 … … 1663 1663 1664 1664 <p class="ml-submit"> 1665 <input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php echo attr ibute_escape( __( 'Insert gallery' ) ); ?>" />1666 <input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php echo attr ibute_escape( __( 'Update gallery settings' ) ); ?>" />1665 <input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php echo attr( __( 'Insert gallery' ) ); ?>" /> 1666 <input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php echo attr( __( 'Update gallery settings' ) ); ?>" /> 1667 1667 </p> 1668 1668 </div> … … 1700 1700 1701 1701 <form id="filter" action="" method="get"> 1702 <input type="hidden" name="type" value="<?php echo attr ibute_escape( $type ); ?>" />1703 <input type="hidden" name="tab" value="<?php echo attr ibute_escape( $tab ); ?>" />1702 <input type="hidden" name="type" value="<?php echo attr( $type ); ?>" /> 1703 <input type="hidden" name="tab" value="<?php echo attr( $tab ); ?>" /> 1704 1704 <input type="hidden" name="post_id" value="<?php echo (int) $post_id; ?>" /> 1705 <input type="hidden" name="post_mime_type" value="<?php echo isset( $_GET['post_mime_type'] ) ? attr ibute_escape( $_GET['post_mime_type'] ) : ''; ?>" />1705 <input type="hidden" name="post_mime_type" value="<?php echo isset( $_GET['post_mime_type'] ) ? attr( $_GET['post_mime_type'] ) : ''; ?>" /> 1706 1706 1707 1707 <p id="media-search" class="search-box"> 1708 1708 <label class="hidden" for="media-search-input"><?php _e('Search Media');?>:</label> 1709 1709 <input type="text" id="media-search-input" name="s" value="<?php the_search_query(); ?>" /> 1710 <input type="submit" value="<?php echo attr ibute_escape( __( 'Search Media' ) ); ?>" class="button" />1710 <input type="submit" value="<?php echo attr( __( 'Search Media' ) ); ?>" class="button" /> 1711 1711 </p> 1712 1712 … … 1787 1787 $default = ''; 1788 1788 1789 echo "<option$default value='" . attr ibute_escape( $arc_row->yyear . $arc_row->mmonth ) . "'>";1789 echo "<option$default value='" . attr( $arc_row->yyear . $arc_row->mmonth ) . "'>"; 1790 1790 echo wp_specialchars( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" ); 1791 1791 echo "</option>\n"; … … 1795 1795 <?php } ?> 1796 1796 1797 <input type="submit" id="post-query-submit" value="<?php echo attr ibute_escape( __( 'Filter »' ) ); ?>" class="button-secondary" />1797 <input type="submit" id="post-query-submit" value="<?php echo attr( __( 'Filter »' ) ); ?>" class="button-secondary" /> 1798 1798 1799 1799 </div> … … 1803 1803 </form> 1804 1804 1805 <form enctype="multipart/form-data" method="post" action="<?php echo attr ibute_escape($form_action_url); ?>" class="media-upload-form validate" id="library-form">1805 <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form validate" id="library-form"> 1806 1806 1807 1807 <?php wp_nonce_field('media-form'); ?> … … 1825 1825 </div> 1826 1826 <p class="ml-submit"> 1827 <input type="submit" class="button savebutton" name="save" value="<?php echo attr ibute_escape( __( 'Save all changes' ) ); ?>" />1827 <input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" /> 1828 1828 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> 1829 1829 </p> … … 1907 1907 <td></td> 1908 1908 <td> 1909 <input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . attr ibute_escape(__('Insert into Post')) . '" />1909 <input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . attr(__('Insert into Post')) . '" /> 1910 1910 </td> 1911 1911 </tr> … … 1943 1943 <td></td> 1944 1944 <td> 1945 <input type="submit" class="button" name="insertonlybutton" value="' . attr ibute_escape(__('Insert into Post')) . '" />1945 <input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" /> 1946 1946 </td> 1947 1947 </tr> … … 1978 1978 <td></td> 1979 1979 <td> 1980 <input type="submit" class="button" name="insertonlybutton" value="' . attr ibute_escape(__('Insert into Post')) . '" />1980 <input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" /> 1981 1981 </td> 1982 1982 </tr> … … 2013 2013 <td></td> 2014 2014 <td> 2015 <input type="submit" class="button" name="insertonlybutton" value="' . attr ibute_escape(__('Insert into Post')) . '" />2015 <input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" /> 2016 2016 </td> 2017 2017 </tr>
Note: See TracChangeset
for help on using the changeset viewer.