Changeset 11110


Timestamp:
04/28/2009 06:37:51 AM (11 years ago)
Author:
ryan
Message:

attr escaping. see #9650

Location:
trunk/wp-admin
Files:
30 edited

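--- a/trunk/wp-admin/edit-page-form.php
+++ b/trunk/wp-admin/edit-page-form.php
@@ -74,7 +74,7 @@
 <div id="save-action">
 <?php if ( 'publish' != $post->post_status && 'future' != $post->post_status && 'pending' != $post->post_status )  { ?>
-<input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php echo attr( __('Save Draft') ); ?>" tabindex="4" class="button button-highlighted" />
+<input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php _ea('Save Draft'); ?>" tabindex="4" class="button button-highlighted" />
 <?php } elseif ( 'pending' == $post->post_status && $can_publish ) { ?>
-<input type="submit" name="save" id="save-post" value="<?php echo attr( __('Save as Pending') ); ?>" tabindex="4" class="button button-highlighted" />
+<input type="submit" name="save" id="save-post" value="<?php _ea('Save as Pending'); ?>" tabindex="4" class="button button-highlighted" />
 <?php } ?>
 </div>
@@ -125,5 +125,5 @@
 
 <div id="post-status-select" class="hide-if-js">
-<input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo $post->post_status; ?>" />
+<input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo attr($post->post_status); ?>" />
 <select name='post_status' id='post_status' tabindex='4'>
 <?php if ( 'publish' == $post->post_status ) : ?>
@@ -229,17 +229,17 @@
 <?php if ( $can_publish ) : ?>
     <?php if ( !empty($post->post_date_gmt) && time() < strtotime( $post->post_date_gmt . ' +0000' ) ) : ?>
-        <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Schedule') ?>" />
-        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Schedule') ?>" />
+        <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Schedule') ?>" />
+        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Schedule') ?>" />
     <?php else : ?>
-        <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Publish') ?>" />
-        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" />
+        <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Publish') ?>" />
+        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Publish') ?>" />
     <?php endif; ?>
 <?php else : ?>
-    <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Submit for Review') ?>" />
-    <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Submit for Review') ?>" />
+    <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Submit for Review') ?>" />
+    <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Submit for Review') ?>" />
 <?php endif; ?>
 <?php } else { ?>
-    <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Update Page') ?>" />
-    <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Update Page') ?>" />
+    <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Update Page') ?>" />
+    <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Update Page') ?>" />
 <?php } ?>
 </div>
@@ -294,5 +294,5 @@
 ?>
 <h5><?php _e('Order') ?></h5>
-<p><label class="hidden" for="menu_order"><?php _e('Page Order') ?></label><input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo $post->menu_order ?>" /></p>
+<p><label class="hidden" for="menu_order"><?php _e('Page Order') ?></label><input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo attr($post->menu_order) ?>" /></p>
 <p><?php _e('Pages are usually ordered alphabetically, but you can put a number above to change the order pages appear in. (We know this is a little janky, it&#8217;ll be better in future releases.)'); ?></p>
 <?php
@@ -418,10 +418,10 @@
 ?>
 <input type="hidden" id="user-id" name="user_ID" value="<?php echo $user_ID ?>" />
-<input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' />
-<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
+<input type="hidden" id="hiddenaction" name="action" value='<?php echo attr($form_action) ?>' />
+<input type="hidden" id="originalaction" name="originalaction" value="<?php echo attr($form_action) ?>" />
 <input type="hidden" id="post_author" name="post_author" value="<?php echo attr( $post->post_author ); ?>" />
 <?php echo $form_extra ?>
-<input type="hidden" id="post_type" name="post_type" value="<?php echo $post->post_type ?>" />
-<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo $post->post_status ?>" />
+<input type="hidden" id="post_type" name="post_type" value="<?php echo attr($post->post_type) ?>" />
+<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo attr($post->post_status) ?>" />
 <input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" />
 <?php if ( 'draft' != $post->post_status ) wp_original_referer_field(true, 'previous'); ?>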
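Review bot: The `user_ID` hidden field on new line 419 still echoes `$user_ID` raw, while every neighbouring hidden input in the last hunk now goes through `attr()`. The value is presumably an integer assigned outside the hunk, so this is likely harmless, but one unescaped attribute in an otherwise escaped block makes the next audit harder; `value="<?php echo attr($user_ID) ?>"` would match the rest. `$form_extra` on line 423 is emitted as markup and cannot be attribute-escaped, so a short comment there such as `<?php // $form_extra is pre-built HTML; its parts must be escaped where it is assembled ?>` would record why it stays raw.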
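--- a/trunk/wp-admin/edit-pages.php
+++ b/trunk/wp-admin/edit-pages.php
@@ -172,5 +172,5 @@
     <label class="hidden" for="page-search-input"><?php _e( 'Search Pages' ); ?>:</label>
     <input type="text" id="page-search-input" name="s" value="<?php _admin_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Pages' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Pages' ); ?>" class="button" />
 </p>
 
@@ -216,5 +216,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 <?php wp_nonce_field('bulk-pages'); ?>
 </div>
@@ -255,5 +255,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 </div>
 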
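--- a/trunk/wp-admin/edit-tag-form.php
+++ b/trunk/wp-admin/edit-tag-form.php
@@ -21,5 +21,5 @@
 <form name="edittag" id="edittag" method="post" action="edit-tags.php" class="validate">
 <input type="hidden" name="action" value="editedtag" />
-<input type="hidden" name="tag_ID" value="<?php echo $tag->term_id ?>" />
+<input type="hidden" name="tag_ID" value="<?php echo attr($tag->term_id) ?>" />
 <input type="hidden" name="taxonomy" value="<?php echo attr($taxonomy) ?>" />
 <?php wp_original_referer_field(true, 'previous'); wp_nonce_field('update-tag_' . $tag_ID); ?>
@@ -41,5 +41,5 @@
         </tr>
     </table>
-<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php _e('Update Tag'); ?>" /></p>
+<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php _ea('Update Tag'); ?>" /></p>
 <?php do_action('edit_tag_form', $tag); ?>
 </form>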
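--- a/trunk/wp-admin/edit-tags.php
+++ b/trunk/wp-admin/edit-tags.php
@@ -161,5 +161,5 @@
     <label class="hidden" for="tag-search-input"><?php _e( 'Search Tags' ); ?>:</label>
     <input type="text" id="tag-search-input" name="s" value="<?php _admin_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Tags' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Tags' ); ?>" class="button" />
 </p>
 </form>
@@ -202,5 +202,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 <?php wp_nonce_field('bulk-tags'); ?>
 </div>
@@ -245,5 +245,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 </div>
 
@@ -298,5 +298,5 @@
 </div>
 
-<p class="submit"><input type="submit" class="button" name="submit" value="<?php _e('Add Tag'); ?>" /></p>
+<p class="submit"><input type="submit" class="button" name="submit" value="<?php _ea('Add Tag'); ?>" /></p>
 <?php do_action('add_tag_form'); ?>
 </form></div>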
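--- a/trunk/wp-admin/edit.php
+++ b/trunk/wp-admin/edit.php
@@ -167,5 +167,5 @@
     <label class="hidden" for="post-search-input"><?php _e( 'Search Posts' ); ?>:</label>
     <input type="text" id="post-search-input" name="s" value="<?php the_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Posts' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Posts' ); ?>" class="button" />
 </p>
 
@@ -173,5 +173,5 @@
 <input type="hidden" name="post_status" value="<?php echo attr($_GET['post_status']) ?>" />
 <?php endif; ?>
-<input type="hidden" name="mode" value="<?php echo $mode; ?>" />
+<input type="hidden" name="mode" value="<?php echo attr($mode); ?>" />
 
 <?php if ( have_posts() ) { ?>
@@ -196,5 +196,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 <?php wp_nonce_field('bulk-posts'); ?>
 
@@ -223,5 +223,5 @@
         $default = '';
 
-    echo "<option$default value='$arc_row->yyear$arc_row->mmonth'>";
+    echo "<option$default value='" . attr("$arc_row->yyear$arc_row->mmonth") . "'>";
     echo $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear";
     echo "</option>\n";
@@ -237,5 +237,5 @@
 do_action('restrict_manage_posts');
 ?>
-<input type="submit" id="post-query-submit" value="<?php _e('Filter'); ?>" class="button-secondary" />
+<input type="submit" id="post-query-submit" value="<?php _ea('Filter'); ?>" class="button-secondary" />
 
 <?php } ?>
@@ -276,5 +276,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 <br class="clear" />
 </div>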
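--- a/trunk/wp-admin/export.php
+++ b/trunk/wp-admin/export.php
@@ -43,5 +43,5 @@
 foreach ( $authors as $id ) {
     $o = get_userdata( $id );
-    echo "<option value='$o->ID'>$o->display_name</option>";
+    echo "<option value='" . attr($o->ID) . "'>$o->display_name</option>";
 }
 ?>
@@ -50,5 +50,5 @@
 </tr>
 </table>
-<p class="submit"><input type="submit" name="submit" class="button" value="<?php _e('Download Export File'); ?>" />
+<p class="submit"><input type="submit" name="submit" class="button" value="<?php _ea('Download Export File'); ?>" />
 <input type="hidden" name="download" value="true" />
 </p>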
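Review bot: `$o->display_name` on new line 45 is still interpolated raw into the `<option>` body, and it is the user-editable part of that line, whereas the `$o->ID` that now gets `attr()` is presumably numeric. Whether `get_userdata()` returns the name already escaped cannot be seen from this hunk, so unless that is guaranteed the text should be escaped for HTML content as well, e.g. `echo "<option value='" . attr($o->ID) . "'>" . wp_specialchars($o->display_name) . "</option>";`. A stored display name containing markup would otherwise render in every administrator's export screen.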
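--- a/trunk/wp-admin/install.php
+++ b/trunk/wp-admin/install.php
@@ -58,9 +58,9 @@
         <tr>
             <th scope="row"><label for="weblog_title"><?php _e('Blog Title'); ?></label></th>
-            <td><input name="weblog_title" type="text" id="weblog_title" size="25" value="<?php echo ( isset($_POST['weblog_title']) ? $_POST['weblog_title'] : '' ); ?>" /></td>
+            <td><input name="weblog_title" type="text" id="weblog_title" size="25" value="<?php echo ( isset($_POST['weblog_title']) ? attr($_POST['weblog_title']) : '' ); ?>" /></td>
         </tr>
         <tr>
             <th scope="row"><label for="admin_email"><?php _e('Your E-mail'); ?></label></th>
-            <td><input name="admin_email" type="text" id="admin_email" size="25" value="<?php echo ( isset($_POST['admin_email']) ? $_POST['admin_email'] : '' ); ?>" /><br />
+            <td><input name="admin_email" type="text" id="admin_email" size="25" value="<?php echo ( isset($_POST['admin_email']) ? attr($_POST['admin_email']) : '' ); ?>" /><br />
             <?php _e('Double-check your email address before continuing.'); ?>
         </tr>
@@ -69,5 +69,5 @@
         </tr>
     </table>
-    <p class="step"><input type="submit" name="Submit" value="<?php _e('Install WordPress'); ?>" class="button" /></p>
+    <p class="step"><input type="submit" name="Submit" value="<?php _ea('Install WordPress'); ?>" class="button" /></p>
 </form>
 <?php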
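--- a/trunk/wp-admin/link-manager.php
+++ b/trunk/wp-admin/link-manager.php
@@ -91,5 +91,5 @@
     <label class="hidden" for="link-search-input"><?php _e( 'Search Links' ); ?>:</label>
     <input type="text" id="link-search-input" name="s" value="<?php _admin_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Links' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Links' ); ?>" class="button" />
 </p>
 </form>
@@ -104,5 +104,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 
 <?php
@@ -111,5 +111,5 @@
 $select_cat .= '<option value="all"'  . (($cat_id == 'all') ? " selected='selected'" : '') . '>' . __('View all Categories') . "</option>\n";
 foreach ((array) $categories as $cat)
-    $select_cat .= '<option value="' . $cat->term_id . '"' . (($cat->term_id == $cat_id) ? " selected='selected'" : '') . '>' . sanitize_term_field('name', $cat->name, $cat->term_id, 'link_category', 'display') . "</option>\n";
+    $select_cat .= '<option value="' . attr($cat->term_id) . '"' . (($cat->term_id == $cat_id) ? " selected='selected'" : '') . '>' . sanitize_term_field('name', $cat->name, $cat->term_id, 'link_category', 'display') . "</option>\n";
 $select_cat .= "</select>\n";
 
@@ -125,5 +125,5 @@
 
 ?>
-<input type="submit" id="post-query-submit" value="<?php _e('Filter'); ?>" class="button-secondary" />
+<input type="submit" id="post-query-submit" value="<?php _ea('Filter'); ?>" class="button-secondary" />
 
 </div>
@@ -191,5 +191,5 @@
             switch($column_name) {
                 case 'cb':
-                    echo '<th scope="row" class="check-column"><input type="checkbox" name="linkcheck[]" value="'.$link->link_id.'" /></th>';
+                    echo '<th scope="row" class="check-column"><input type="checkbox" name="linkcheck[]" value="'. attr($link->link_id) .'" /></th>';
                     break;
                 case 'name':
@@ -259,5 +259,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 </div>
 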
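--- a/trunk/wp-admin/media-upload.php
+++ b/trunk/wp-admin/media-upload.php
@@ -79,5 +79,5 @@
     <div id="media-items"> </div>
     <p>
-    <input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
+    <input type="submit" class="button savebutton" name="save" value="<?php _ea( 'Save all changes' ); ?>" />
     </p>
     </form>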
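--- a/trunk/wp-admin/media.php
+++ b/trunk/wp-admin/media.php
@@ -94,7 +94,7 @@
 
 <p class="submit">
-<input type="submit" class="button-primary" name="save" value="<?php _e('Update Media'); ?>" />
-<input type="hidden" name="post_id" id="post_id" value="<?php echo isset($post_id) ? $post_id : ''; ?>" />
-<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo $att_id; ?>" />
+<input type="submit" class="button-primary" name="save" value="<?php _ea('Update Media'); ?>" />
+<input type="hidden" name="post_id" id="post_id" value="<?php echo isset($post_id) ? attr($post_id) : ''; ?>" />
+<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo attr($att_id); ?>" />
 <input type="hidden" name="action" value="editattachment" />
 <?php wp_original_referer_field(true, 'previous'); ?>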
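--- a/trunk/wp-admin/options-discussion.php
+++ b/trunk/wp-admin/options-discussion.php
@@ -65,5 +65,5 @@
 $thread_comments_depth = '</label><select name="thread_comments_depth" id="thread_comments_depth">';
 for ( $i = 1; $i <= $maxdeep; $i++ ) {
-    $thread_comments_depth .= "<option value='$i'";
+    $thread_comments_depth .= "<option value='" . attr($i) . "'";
     if ( get_option('thread_comments_depth') == $i ) $thread_comments_depth .= " selected='selected'";
     $thread_comments_depth .= ">$i</option>";
@@ -126,5 +126,5 @@
 <th scope="row"><?php _e('Comment Moderation') ?></th>
 <td><fieldset><legend class="hidden"><?php _e('Comment Moderation') ?></legend>
-<p><label for="comment_max_links"><?php printf(__('Hold a comment in the queue if it contains %s or more links. (A common characteristic of comment spam is a large number of hyperlinks.)'), '<input name="comment_max_links" type="text" id="comment_max_links" value="' . get_option('comment_max_links'). '" class="small-text" />' ) ?></label></p>
+<p><label for="comment_max_links"><?php printf(__('Hold a comment in the queue if it contains %s or more links. (A common characteristic of comment spam is a large number of hyperlinks.)'), '<input name="comment_max_links" type="text" id="comment_max_links" value="' . attr(get_option('comment_max_links')) . '" class="small-text" />' ) ?></label></p>
 
 <p><label for="moderation_keys"><?php _e('When a comment contains any of these words in its content, name, URL, e-mail, or IP, it will be held in the <a href="edit-comments.php?comment_status=moderated">moderation queue</a>. One word or IP per line. It will match inside words, so "press" will match "WordPress".') ?></label></p>
@@ -160,5 +160,5 @@
     foreach ( $yesorno as $key => $value) {
         $selected = (get_option('show_avatars') == $key) ? 'checked="checked"' : '';
-        echo "\n\t<label><input type='radio' name='show_avatars' value='$key' $selected/> $value</label><br />";
+        echo "\n\t<label><input type='radio' name='show_avatars' value='" . attr($key) . "' $selected/> $value</label><br />";
     }
 ?>
@@ -173,5 +173,5 @@
 foreach ($ratings as $key => $rating) :
     $selected = (get_option('avatar_rating') == $key) ? 'checked="checked"' : '';
-    echo "\n\t<label><input type='radio' name='avatar_rating' value='$key' $selected/> $rating</label><br />";
+    echo "\n\t<label><input type='radio' name='avatar_rating' value='" . attr($key) . "' $selected/> $rating</label><br />";
 endforeach;
 ?>
@@ -202,5 +202,5 @@
 foreach ( $avatar_defaults as $default_key => $default_name ) {
     $selected = ($default == $default_key) ? 'checked="checked" ' : '';
-    $avatar_list .= "\n\t<label><input type='radio' name='avatar_default' id='avatar_{$default_key}' value='{$default_key}' {$selected}/> ";
+    $avatar_list .= "\n\t<label><input type='radio' name='avatar_default' id='avatar_{$default_key}' value='" . attr($default_key)  . "' {$selected}/> ";
 
     $avatar = get_avatar( $user_email, $size, $default_key );
@@ -221,5 +221,5 @@
 
 <p class="submit">
-<input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
+<input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
 </form>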
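Review bot: On new line 204 `$default_key` is escaped in the `value` attribute but still interpolated raw into `id='avatar_{$default_key}'` earlier on the same line, so a key containing a quote would break out of the first attribute before the escaped one is reached. `$avatar_defaults` is built outside this hunk, so I can't tell whether its keys are constrained; escaping both is cheap: `id='avatar_" . attr($default_key) . "'`. The label texts `$value` and `$rating` on lines 162 and 175 are also written unescaped into element content, and a comment confirming they are always translated literals would help.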
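--- a/trunk/wp-admin/options-general.php
+++ b/trunk/wp-admin/options-general.php
@@ -121,5 +121,5 @@
         $current_offset_name = $offset_name;
     }
-    echo "<option value=\"$offset\"$selected>" . sprintf(__('UTC %s'), $offset_name) . '</option>';
+    echo "<option value=\"" . attr($offset) . "\"$selected>" . sprintf(__('UTC %s'), $offset_name) . '</option>';
 }
 ?>
@@ -264,5 +264,5 @@
 for ($day_index = 0; $day_index <= 6; $day_index++) :
     $selected = (get_option('start_of_week') == $day_index) ? 'selected="selected"' : '';
-    echo "\n\t<option value='$day_index' $selected>" . $wp_locale->get_weekday($day_index) . '</option>';
+    echo "\n\t<option value='" . attr($day_index) . "' $selected>" . $wp_locale->get_weekday($day_index) . '</option>';
 endfor;
 ?>
@@ -275,5 +275,5 @@
 
 <p class="submit">
-<input type="submit" name="Submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
+<input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
 </form>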
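--- a/trunk/wp-admin/options-media.php
+++ b/trunk/wp-admin/options-media.php
@@ -66,5 +66,5 @@
 
 <p class="submit">
-    <input type="submit" name="Submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
+    <input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
 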
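--- a/trunk/wp-admin/options-misc.php
+++ b/trunk/wp-admin/options-misc.php
@@ -68,5 +68,5 @@
 
 <p class="submit">
-    <input type="submit" name="Submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
+    <input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
 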
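--- a/trunk/wp-admin/options-permalink.php
+++ b/trunk/wp-admin/options-permalink.php
@@ -152,13 +152,13 @@
     </tr>
     <tr>
-        <th><label><input name="selection" type="radio" value="<?php echo $structures[1]; ?>" class="tog" <?php checked($structures[1], $permalink_structure); ?> /> <?php _e('Day and name'); ?></label></th>
+        <th><label><input name="selection" type="radio" value="<?php echo attr($structures[1]); ?>" class="tog" <?php checked($structures[1], $permalink_structure); ?> /> <?php _e('Day and name'); ?></label></th>
         <td><code><?php echo get_option('home') . $prefix . '/' . date('Y') . '/' . date('m') . '/' . date('d') . '/sample-post/'; ?></code></td>
     </tr>
     <tr>
-        <th><label><input name="selection" type="radio" value="<?php echo $structures[2]; ?>" class="tog" <?php checked($structures[2], $permalink_structure); ?> /> <?php _e('Month and name'); ?></label></th>
+        <th><label><input name="selection" type="radio" value="<?php echo attr($structures[2]); ?>" class="tog" <?php checked($structures[2], $permalink_structure); ?> /> <?php _e('Month and name'); ?></label></th>
         <td><code><?php echo get_option('home') . $prefix . '/' . date('Y') . '/' . date('m') . '/sample-post/'; ?></code></td>
     </tr>
     <tr>
-        <th><label><input name="selection" type="radio" value="<?php echo $structures[3]; ?>" class="tog" <?php checked($structures[3], $permalink_structure); ?> /> <?php _e('Numeric'); ?></label></th>
+        <th><label><input name="selection" type="radio" value="<?php echo attr($structures[3]); ?>" class="tog" <?php checked($structures[3], $permalink_structure); ?> /> <?php _e('Numeric'); ?></label></th>
         <td><code><?php echo get_option('home') . $prefix  ; ?>/archives/123</code></td>
     </tr>
@@ -201,5 +201,5 @@
 
 <p class="submit">
-    <input type="submit" name="submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
+    <input type="submit" name="submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
   </form>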
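--- a/trunk/wp-admin/options-privacy.php
+++ b/trunk/wp-admin/options-privacy.php
@@ -40,5 +40,5 @@
 
 <p class="submit">
-    <input type="submit" name="Submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
+    <input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
 </form>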
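--- a/trunk/wp-admin/options-reading.php
+++ b/trunk/wp-admin/options-reading.php
@@ -81,5 +81,5 @@
 
 <p class="submit">
-    <input type="submit" name="Submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
+    <input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
 </form>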
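--- a/trunk/wp-admin/options-writing.php
+++ b/trunk/wp-admin/options-writing.php
@@ -128,5 +128,5 @@
 
 <p class="submit">
-    <input type="submit" name="Submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
+    <input type="submit" name="Submit" class="button-primary" value="<?php _ea('Save Changes') ?>" />
 </p>
 </form>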
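--- a/trunk/wp-admin/options.php
+++ b/trunk/wp-admin/options.php
@@ -131,5 +131,5 @@
   </table>
 <?php $options_to_update = implode(',', $options_to_update); ?>
-<p class="submit"><input type="hidden" name="page_options" value="<?php echo $options_to_update; ?>" /><input type="submit" name="Update" value="<?php _e('Save Changes') ?>" class="button-primary" /></p>
+<p class="submit"><input type="hidden" name="page_options" value="<?php echo attr($options_to_update); ?>" /><input type="submit" name="Update" value="<?php _e('Save Changes') ?>" class="button-primary" /></p>
   </form>
 </div>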
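Review bot: The submit button on new line 133 still prints its `value` attribute with `_e('Save Changes')`, although the hidden input on the same line was converted and every other options screen in this changeset switches that exact string to `_ea()`. It looks like only the first input on the line was edited; `value="<?php _ea('Save Changes') ?>"` would bring it in line with the rest. A translation containing a double quote would otherwise still break this one button's markup.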
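--- a/trunk/wp-admin/plugin-editor.php
+++ b/trunk/wp-admin/plugin-editor.php
@@ -157,5 +157,5 @@
 ?>
         </select>
-        <input type="submit" name="Submit" value="<?php _e('Select') ?>" class="button" />
+        <input type="submit" name="Submit" value="<?php _ea('Select') ?>" class="button" />
     </form>
 </div>
@@ -205,9 +205,9 @@
         <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1" class="codepress <?php echo $codepress_lang ?>"><?php echo $content ?></textarea>
         <input type="hidden" name="action" value="update" />
-        <input type="hidden" name="file" value="<?php echo $file ?>" />
-        <input type="hidden" name="plugin" value="<?php echo $plugin ?>" />
+        <input type="hidden" name="file" value="<?php echo attr($file) ?>" />
+        <input type="hidden" name="plugin" value="<?php echo attr($plugin) ?>" />
         </div>
         <?php if ( count( $functions ) ) : ?>
-        <div id="documentation"><label for="docs-list"><?php _e('Documentation:') ?></label> <?php echo $docs_select ?> <input type="button" class="button" value=" <?php echo attr(__( 'Lookup' )) ?> " onclick="if ( '' != jQuery('#docs-list').val() ) { window.open( 'http://api.wordpress.org/core/handbook/1.0/?function=' + escape( jQuery( '#docs-list' ).val() ) + '&locale=<?php echo urlencode( get_locale() ) ?>&version=<?php echo urlencode( $wp_version ) ?>&redirect=true'); }" /></div>
+        <div id="documentation"><label for="docs-list"><?php _e('Documentation:') ?></label> <?php echo $docs_select ?> <input type="button" class="button" value="<?php _ea( 'Lookup' ) ?> " onclick="if ( '' != jQuery('#docs-list').val() ) { window.open( 'http://api.wordpress.org/core/handbook/1.0/?function=' + escape( jQuery( '#docs-list' ).val() ) + '&locale=<?php echo urlencode( get_locale() ) ?>&version=<?php echo urlencode( $wp_version ) ?>&redirect=true'); }" /></div>
         <?php endif; ?>
 <?php if ( is_writeable($real_file) ) : ?>
@@ -218,7 +218,7 @@
     <?php
         if ( isset($_GET['phperror']) )
-            echo "<input type='hidden' name='phperror' value='1' /><input type='submit' name='submit' class='button-primary' value='" . __('Update File and Attempt to Reactivate') . "' tabindex='2' />";
-        else
-            echo "<input type='submit' name='submit' class='button-primary' value='" . __('Update File') . "' tabindex='2' />";
+            echo "<input type='hidden' name='phperror' value='1' /><input type='submit' name='submit' class='button-primary' value='" . _a('Update File and Attempt to Reactivate') . "' tabindex='2' />";
+        else
+            echo "<input type='submit' name='submit' class='button-primary' value='" . _a('Update File') . "' tabindex='2' />";
     ?>
     </p>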
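Review bot: The textarea on line 205, directly above the two hidden inputs that gain `attr()`, still echoes `$codepress_lang` raw inside the `class` attribute and `$content` raw as the textarea body. Both are assigned outside the hunk, so they may already be constrained or escaped, but the attribute would be clearer as `class="codepress <?php echo attr($codepress_lang) ?>"`, with a comment stating where `$content` is escaped before it reaches this line. Minor: the rewritten Lookup button on line 211 drops the leading space of the old `value=" … "` but keeps the trailing one, so the label is now padded on one side only.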
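--- a/trunk/wp-admin/plugins.php
+++ b/trunk/wp-admin/plugins.php
@@ -143,8 +143,8 @@
                     ?>
                     <?php wp_nonce_field('bulk-manage-plugins') ?>
-                    <input type="submit" name="submit" value="<?php _e('Yes, Delete these files') ?>" class="button" />
+                    <input type="submit" name="submit" value="<?php _ea('Yes, Delete these files') ?>" class="button" />
                 </form>
                 <form method="post" action="<?php echo clean_url(wp_get_referer()); ?>" style="display:inline;">
-                    <input type="submit" name="submit" value="<?php _e('No, Return me to the plugin list') ?>" class="button" />
+                    <input type="submit" name="submit" value="<?php _ea('No, Return me to the plugin list') ?>" class="button" />
                 </form>
 
@@ -414,7 +414,7 @@
     <?php endif; ?>
         </select>
-        <input type="submit" name="doaction_active" value="<?php _e('Apply'); ?>" class="button-secondary action" />
+        <input type="submit" name="doaction_active" value="<?php _ea('Apply'); ?>" class="button-secondary action" />
     <?php if( 'recent' == $context ) : ?>
-        <input type="submit" name="clear-recent-list" value="<?php _e('Clear List') ?>" class="button-secondary" />
+        <input type="submit" name="clear-recent-list" value="<?php _ea('Clear List') ?>" class="button-secondary" />
     <?php endif; ?>
     </div>
@@ -427,5 +427,5 @@
     <label class="hidden" for="plugin-search-input"><?php _e( 'Search Plugins' ); ?>:</label>
     <input type="text" id="plugin-search-input" name="s" value="<?php _admin_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Plugins' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Plugins' ); ?>" class="button" />
 </p>
 </form>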
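--- a/trunk/wp-admin/press-this.php
+++ b/trunk/wp-admin/press-this.php
@@ -456,9 +456,9 @@
                 <div class="inside">
                     <p>
-                        <input class="button" type="submit" name="draft" value="<?php _e('Save Draft') ?>" id="save" />
+                        <input class="button" type="submit" name="draft" value="<?php _ea('Save Draft') ?>" id="save" />
                         <?php if ( current_user_can('publish_posts') ) { ?>
-                            <input class="button-primary" type="submit" name="publish" value="<?php _e('Publish') ?>" id="publish" />
+                            <input class="button-primary" type="submit" name="publish" value="<?php _ea('Publish') ?>" id="publish" />
                         <?php } else { ?>
-                            <br /><br /><input class="button-primary" type="submit" name="review" value="<?php _e('Submit for Review') ?>" id="review" />
+                            <br /><br /><input class="button-primary" type="submit" name="review" value="<?php _ea('Submit for Review') ?>" id="review" />
                         <?php } ?>
                         <img src="images/loading-publish.gif" alt="" id="saving" style="display:none;" />
@@ -480,7 +480,7 @@
                         <a id="category-add-toggle" href="#category-add" class="hide-if-no-js" tabindex="3"><?php _e( '+ Add New Category' ); ?></a>
                         <p id="category-add" class="wp-hidden-child">
-                            <label class="hidden" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _e( 'New category name' ); ?>" tabindex="3" aria-required="true"/>
+                            <label class="hidden" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _ea( 'New category name' ); ?>" tabindex="3" aria-required="true"/>
                             <label class="hidden" for="newcat_parent"><?php _e('Parent category'); ?>:</label><?php wp_dropdown_categories( array( 'hide_empty' => 0, 'name' => 'newcat_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => __('Parent category'), 'tab_index' => 3 ) ); ?>
-                            <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php _e( 'Add' ); ?>" tabindex="3" />
+                            <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php _ea( 'Add' ); ?>" tabindex="3" />
                             <?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?>
                             <span id="category-ajax-response"></span>
@@ -498,6 +498,6 @@
                             <input type="hidden" name="tax_input[post_tag]" class="the-tags" id="tax-input[post_tag]" value="" />
                             <span class="ajaxtag" style="display:none;">
-                                <input type="text" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php _e('Add new tag'); ?>" />
-                                <input type="button" class="button tagadd" value="Add" tabindex="3" />
+                                <input type="text" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php _ea('Add new tag'); ?>" />
+                                <input type="button" class="button tagadd" value="<?php _ea('Add'); ?>" tabindex="3" />
                             </span>
                         </p>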
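--- a/trunk/wp-admin/sidebar.php
+++ b/trunk/wp-admin/sidebar.php
@@ -89,8 +89,8 @@
 <div>
 <input type="hidden" name="action" value="post" />
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
+<input type="hidden" name="user_ID" value="<?php echo attr($user_ID) ?>" />
 <input type="hidden" name="mode" value="sidebar" />
-<input type="hidden" name="ping_status" value="<?php echo $post->ping_status; ?>" />
-<input type="hidden" name="comment_status" value="<?php echo $post->comment_status; ?>" />
+<input type="hidden" name="ping_status" value="<?php echo attr($post->ping_status); ?>" />
+<input type="hidden" name="comment_status" value="<?php echo attr($post->comment_status); ?>" />
 <?php wp_nonce_field('add-post');
 
@@ -117,7 +117,7 @@
 
 <p>
-<input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" accesskey="s" class="button" value="<?php _e('Save as Draft'); ?>" />
+<input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" accesskey="s" class="button" value="<?php _ea('Save as Draft'); ?>" />
 <?php if ( current_user_can('publish_posts') ) : ?>
-<input name="publish" type="submit" id="publish" tabindex="6" accesskey="p" value="<?php _e('Publish') ?>" class="button button-highlighted" />
+<input name="publish" type="submit" id="publish" tabindex="6" accesskey="p" value="<?php _ea('Publish') ?>" class="button button-highlighted" />
 <?php endif; ?>
 </p>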
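--- a/trunk/wp-admin/theme-editor.php
+++ b/trunk/wp-admin/theme-editor.php
@@ -95,5 +95,5 @@
 
             $docs_select = '<select name="docs-list" id="docs-list">';
-            $docs_select .= '<option value="">' . __( 'Function Name...' ) . '</option>';
+            $docs_select .= '<option value="">' . _a( 'Function Name...' ) . '</option>';
             foreach ( $functions as $function ) {
                 $docs_select .= '<option value="' . urlencode( $function ) . '">' . htmlspecialchars( $function ) . '()</option>';
@@ -131,5 +131,5 @@
 ?>
         </select>
-        <input type="submit" name="Submit" value="<?php _e('Select') ?>" class="button" />
+        <input type="submit" name="Submit" value="<?php _ea('Select') ?>" class="button" />
     </form>
 </div>
@@ -200,6 +200,6 @@
          <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1" class="codepress <?php echo $codepress_lang ?>"><?php echo $content ?></textarea>
          <input type="hidden" name="action" value="update" />
-         <input type="hidden" name="file" value="<?php echo $file ?>" />
-         <input type="hidden" name="theme" value="<?php echo $theme ?>" />
+         <input type="hidden" name="file" value="<?php echo attr($file) ?>" />
+         <input type="hidden" name="theme" value="<?php echo attr($theme) ?>" />
          </div>
     <?php if ( isset($functions ) && count($functions) ) { ?>
@@ -207,5 +207,5 @@
         <label for="docs-list"><?php _e('Documentation:') ?></label>
         <?php echo $docs_select; ?>
-        <input type="button" class="button" value=" <?php _e( 'Lookup' ); ?> " onclick="if ( '' != jQuery('#docs-list').val() ) { window.open( 'http://api.wordpress.org/core/handbook/1.0/?function=' + escape( jQuery( '#docs-list' ).val() ) + '&locale=<?php echo urlencode( get_locale() ) ?>&version=<?php echo urlencode( $wp_version ) ?>&redirect=true'); }" />
+        <input type="button" class="button" value=" <?php _ea( 'Lookup' ); ?> " onclick="if ( '' != jQuery('#docs-list').val() ) { window.open( 'http://api.wordpress.org/core/handbook/1.0/?function=' + escape( jQuery( '#docs-list' ).val() ) + '&locale=<?php echo urlencode( get_locale() ) ?>&version=<?php echo urlencode( $wp_version ) ?>&redirect=true'); }" />
         </div>
     <?php } ?>
@@ -215,5 +215,5 @@
             <p class="submit">
 <?php
-    echo "<input type='submit' name='submit' class='button-primary' value='" . __('Update File') . "' tabindex='2' />";
+    echo "<input type='submit' name='submit' class='button-primary' value='" . _a('Update File') . "' tabindex='2' />";
 ?>
 </p>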
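Review bot: The submit button on line 217 delimits `value` with single quotes, so `_a()` only protects it if the escaper behind it also encodes `'`. Nothing in this changeset shows that, so confirm it uses an `ENT_QUOTES`-style encoding or switch the attribute to double quotes. The same single-quoted pattern is used in upload.php line 275 and widgets.php line 265. Separately, line 97 applies the attribute helper to `<option>` element text, where an HTML-text escaper would match the output context. Line 200 still echoes `$codepress_lang` raw into the `class` attribute and could use `attr($codepress_lang)`, assuming it is not already constrained where it is set outside the hunk.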
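--- a/trunk/wp-admin/update-core.php
+++ b/trunk/wp-admin/update-core.php
@@ -41,13 +41,13 @@
     wp_nonce_field('upgrade-core');
     echo '<p>';
-    echo '<input id="upgrade" class="button" type="submit" value="' . $submit . '" name="upgrade" />&nbsp;';
-    echo '<input name="version" value="'.$update->current.'" type="hidden"/>';
-    echo '<input name="locale" value="'.$update->locale.'" type="hidden"/>';
-    echo '<a href="' . $update->package . '" class="button">' . $download . '</a>&nbsp;';
+    echo '<input id="upgrade" class="button" type="submit" value="' . attr($submit) . '" name="upgrade" />&nbsp;';
+    echo '<input name="version" value="'. attr($update->current) .'" type="hidden"/>';
+    echo '<input name="locale" value="'. attr($update->locale) .'" type="hidden"/>';
+    echo '<a href="' . clean_url($update->package) . '" class="button">' . $download . '</a>&nbsp;';
     if ( 'en_US' != $update->locale )
         if ( !isset( $update->dismissed ) || !$update->dismissed )
-            echo '<input id="dismiss" class="button" type="submit" value="' . attr(__('Hide this update')) . '" name="dismiss" />';
+            echo '<input id="dismiss" class="button" type="submit" value="' . _a('Hide this update') . '" name="dismiss" />';
         else
-            echo '<input id="undismiss" class="button" type="submit" value="' . attr(__('Bring back this update')) . '" name="undismiss" />';
+            echo '<input id="undismiss" class="button" type="submit" value="' . attr(__('Bring back this update')) . '" name="undismiss" />';
     echo '</p>';
     echo '</form>';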
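Review bot: `$download` on line 46 is still echoed raw as the link text, while `$submit` and the `$update` fields beside it are now escaped. Both variables are assigned outside this hunk, so this is inferred, but if `$download` is built from the update response the way `$update->current` is, it needs an HTML-text escaper: `'" class="button">' . wp_specialchars($download) . '</a>&nbsp;'`. The unbraced `if`/`if`/`else` on lines 47-51 binds the `else` to the inner `if`, so braces would make the intended pairing explicit.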
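--- a/trunk/wp-admin/upload.php
+++ b/trunk/wp-admin/upload.php
@@ -212,5 +212,5 @@
     <label class="hidden" for="media-search-input"><?php _e( 'Search Media' ); ?>:</label>
     <input type="text" id="media-search-input" name="s" value="<?php the_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Media' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Media' ); ?>" class="button" />
 </p>
 </form>
@@ -248,5 +248,5 @@
 <?php } ?>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 <?php wp_nonce_field('bulk-media'); ?>
 
@@ -273,5 +273,5 @@
         $default = '';
 
-    echo "<option$default value='$arc_row->yyear$arc_row->mmonth'>";
+    echo "<option$default value='" . attr("$arc_row->yyear$arc_row->mmonth") . "'>";
     echo $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear";
     echo "</option>\n";
@@ -281,10 +281,10 @@
 <?php endif; // month_count ?>
 
-<input type="submit" id="post-query-submit" value="<?php _e('Filter'); ?>" class="button-secondary" />
+<input type="submit" id="post-query-submit" value="<?php _ea('Filter'); ?>" class="button-secondary" />
 
 <?php } // ! is_singular ?>
 
 <?php if ( isset($_GET['detached']) ) { ?>
-    <input type="submit" id="find_detached" name="find_detached" value="<?php _e('Scan for lost attachments'); ?>" class="button-secondary" />
+    <input type="submit" id="find_detached" name="find_detached" value="<?php _ea('Scan for lost attachments'); ?>" class="button-secondary" />
 <?php } ?>
 
@@ -326,5 +326,5 @@
 ?>
     <tr id='post-<?php echo $post->ID; ?>' class='<?php echo $class; ?>' valign="top">
-        <th scope="row" class="check-column"><input type="checkbox" name="media[]" value="<?php echo $post->ID; ?>" /></th>
+        <th scope="row" class="check-column"><input type="checkbox" name="media[]" value="<?php echo attr($post->ID); ?>" /></th>
 
         <td class="media-icon"><?php
@@ -404,5 +404,5 @@
 <?php } ?>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 </div>
 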
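Review bot: Line 328 now escapes `$post->ID` in the checkbox `value`, but line 327 directly above still echoes the same ID and `$class` raw into single-quoted `id` and `class` attributes. For consistency the row should read `<tr id='post-<?php echo attr($post->ID); ?>' class='<?php echo attr($class); ?>' valign="top">`, assuming `attr()` encodes single quotes. `$class` is assigned outside the hunk, so whether it can ever carry untrusted text is not visible here.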
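--- a/trunk/wp-admin/user-edit.php
+++ b/trunk/wp-admin/user-edit.php
@@ -216,5 +216,5 @@
     $current_color = 'fresh';
 foreach ( $_wp_admin_css_colors as $color => $color_info ): ?>
-<div class="color-option"><input name="admin_color" id="admin_color_<?php echo $color; ?>" type="radio" value="<?php echo $color ?>" class="tog" <?php checked($color, $current_color); ?> />
+<div class="color-option"><input name="admin_color" id="admin_color_<?php echo $color; ?>" type="radio" value="<?php echo attr($color) ?>" class="tog" <?php checked($color, $current_color); ?> />
     <table class="color-palette">
     <tr>
@@ -249,5 +249,5 @@
     <tr>
         <th><label for="user_login"><?php _e('Username'); ?></label></th>
-        <td><input type="text" name="user_login" id="user_login" value="<?php echo $profileuser->user_login; ?>" disabled="disabled" class="regular-text" /> <?php _e('Your username cannot be changed.'); ?></td>
+        <td><input type="text" name="user_login" id="user_login" value="<?php echo attr($profileuser->user_login); ?>" disabled="disabled" class="regular-text" /> <?php _e('Your username cannot be changed.'); ?></td>
     </tr>
 
@@ -275,15 +275,15 @@
 <tr>
     <th><label for="first_name"><?php _e('First name') ?></label></th>
-    <td><input type="text" name="first_name" id="first_name" value="<?php echo $profileuser->first_name ?>" class="regular-text" /></td>
+    <td><input type="text" name="first_name" id="first_name" value="<?php echo attr($profileuser->first_name) ?>" class="regular-text" /></td>
 </tr>
 
 <tr>
     <th><label for="last_name"><?php _e('Last name') ?></label></th>
-    <td><input type="text" name="last_name" id="last_name" value="<?php echo $profileuser->last_name ?>" class="regular-text" /></td>
+    <td><input type="text" name="last_name" id="last_name" value="<?php echo attr($profileuser->last_name) ?>" class="regular-text" /></td>
 </tr>
 
 <tr>
     <th><label for="nickname"><?php _e('Nickname') ?></label></th>
-    <td><input type="text" name="nickname" id="nickname" value="<?php echo $profileuser->nickname ?>" class="regular-text" /></td>
+    <td><input type="text" name="nickname" id="nickname" value="<?php echo attr($profileuser->nickname) ?>" class="regular-text" /></td>
 </tr>
 
@@ -304,5 +304,5 @@
             foreach ( $public_display as $id => $item ) {
         ?>
-            <option id="<?php echo $id; ?>" value="<?php echo $item; ?>"<?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option>
+            <option id="<?php echo $id; ?>" value="<?php echo attr($item); ?>"<?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option>
         <?php
             }
@@ -318,25 +318,25 @@
 <tr>
     <th><label for="email"><?php _e('E-mail') ?></label></th>
-    <td><input type="text" name="email" id="email" value="<?php echo $profileuser->user_email ?>" class="regular-text" /> <?php _e('Required.');?></td>
+    <td><input type="text" name="email" id="email" value="<?php echo attr($profileuser->user_email) ?>" class="regular-text" /> <?php _e('Required.');?></td>
 </tr>
 
 <tr>
     <th><label for="url"><?php _e('Website') ?></label></th>
-    <td><input type="text" name="url" id="url" value="<?php echo $profileuser->user_url ?>" class="regular-text code" /></td>
+    <td><input type="text" name="url" id="url" value="<?php echo attr($profileuser->user_url) ?>" class="regular-text code" /></td>
 </tr>
 
 <tr>
     <th><label for="aim"><?php echo apply_filters('user_aim_label', __('AIM')); ?></label></th>
-    <td><input type="text" name="aim" id="aim" value="<?php echo $profileuser->aim ?>" class="regular-text" /></td>
+    <td><input type="text" name="aim" id="aim" value="<?php echo attr($profileuser->aim) ?>" class="regular-text" /></td>
 </tr>
 
 <tr>
     <th><label for="yim"><?php echo apply_filters('user_yim_label', __('Yahoo IM')); ?></label></th>
-    <td><input type="text" name="yim" id="yim" value="<?php echo $profileuser->yim ?>" class="regular-text" /></td>
+    <td><input type="text" name="yim" id="yim" value="<?php echo attr($profileuser->yim) ?>" class="regular-text" /></td>
 </tr>
 
 <tr>
     <th><label for="jabber"><?php echo apply_filters('user_jabber_label', __('Jabber / Google Talk')); ?></label></th>
-    <td><input type="text" name="jabber" id="jabber" value="<?php echo $profileuser->jabber ?>" class="regular-text" /></td>
+    <td><input type="text" name="jabber" id="jabber" value="<?php echo attr($profileuser->jabber) ?>" class="regular-text" /></td>
 </tr>
 </table>
@@ -396,6 +396,6 @@
 <p class="submit">
     <input type="hidden" name="action" value="update" />
-    <input type="hidden" name="user_id" id="user_id" value="<?php echo $user_id; ?>" />
-    <input type="submit" class="button-primary" value="<?php $is_profile_page? _e('Update Profile') : _e('Update User') ?>" name="submit" />
+    <input type="hidden" name="user_id" id="user_id" value="<?php echo attr($user_id); ?>" />
+    <input type="submit" class="button-primary" value="<?php $is_profile_page? _ea('Update Profile') : _ea('Update User') ?>" name="submit" />
 </p>
 </form>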
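Review bot: On line 306 only the `value` attribute gets `attr($item)`; the same `$item` is still printed raw as the `<option>` text, and `$id` is raw in the `id` attribute. `$public_display` is built outside the hunk, but given the neighbouring name fields it presumably holds values a user can edit. Unless those values are already escaped where the array is filled, the text node needs escaping too: `><?php echo wp_specialchars($item); ?></option>`. Line 218 has the same split, with `id="admin_color_<?php echo $color; ?>"` left raw beside the newly escaped `value`.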
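--- a/trunk/wp-admin/user-new.php
+++ b/trunk/wp-admin/user-new.php
@@ -92,21 +92,21 @@
     <tr class="form-field form-required">
         <th scope="row"><label for="user_login"><?php _e('Username (required)') ?></label><input name="action" type="hidden" id="action" value="adduser" /></th>
-        <td ><input name="user_login" type="text" id="user_login" value="<?php echo $new_user_login; ?>" aria-required="true" /></td>
+        <td ><input name="user_login" type="text" id="user_login" value="<?php echo attr($new_user_login); ?>" aria-required="true" /></td>
     </tr>
     <tr class="form-field">
         <th scope="row"><label for="first_name"><?php _e('First Name') ?> </label></th>
-        <td><input name="first_name" type="text" id="first_name" value="<?php echo $new_user_firstname; ?>" /></td>
+        <td><input name="first_name" type="text" id="first_name" value="<?php echo attr($new_user_firstname); ?>" /></td>
     </tr>
     <tr class="form-field">
         <th scope="row"><label for="last_name"><?php _e('Last Name') ?> </label></th>
-        <td><input name="last_name" type="text" id="last_name" value="<?php echo $new_user_lastname; ?>" /></td>
+        <td><input name="last_name" type="text" id="last_name" value="<?php echo attr($new_user_lastname); ?>" /></td>
     </tr>
     <tr class="form-field form-required">
         <th scope="row"><label for="email"><?php _e('E-mail (required)') ?></label></th>
-        <td><input name="email" type="text" id="email" value="<?php echo $new_user_email; ?>" /></td>
+        <td><input name="email" type="text" id="email" value="<?php echo attr($new_user_email); ?>" /></td>
     </tr>
     <tr class="form-field">
         <th scope="row"><label for="url"><?php _e('Website') ?></label></th>
-        <td><input name="url" type="text" id="url" class="code" value="<?php echo $new_user_uri; ?>" /></td>
+        <td><input name="url" type="text" id="url" class="code" value="<?php echo attr($new_user_uri); ?>" /></td>
     </tr>
 
@@ -133,5 +133,5 @@
 </table>
 <p class="submit">
-    <input name="adduser" type="submit" id="addusersub" class="button-primary" value="<?php _e('Add User') ?>" />
+    <input name="adduser" type="submit" id="addusersub" class="button-primary" value="<?php _ea('Add User') ?>" />
 </p>
 </form>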
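--- a/trunk/wp-admin/users.php
+++ b/trunk/wp-admin/users.php
@@ -150,5 +150,5 @@
             echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n";
         } else {
-            echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";
+            echo "<li><input type=\"hidden\" name=\"users[]\" value=\"" . attr($id) . "\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";
             $go_delete = true;
         }
@@ -158,5 +158,5 @@
     foreach ( (array) $all_logins as $login )
         if ( $login->ID == $current_user->ID || !in_array($login->ID, $userids) )
-            $user_dropdown .= "<option value=\"{$login->ID}\">{$login->user_login}</option>";
+            $user_dropdown .= "<option value=\"" . attr($login->ID) . "\">{$login->user_login}</option>";
     $user_dropdown .= '</select>';
     ?>
@@ -171,5 +171,5 @@
     </ul></fieldset>
     <input type="hidden" name="action" value="dodelete" />
-    <p class="submit"><input type="submit" name="submit" value="<?php _e('Confirm Deletion'); ?>" class="button-secondary" /></p>
+    <p class="submit"><input type="submit" name="submit" value="<?php _ea('Confirm Deletion'); ?>" class="button-secondary" /></p>
 <?php else : ?>
     <p><?php _e('There are no valid users selected for deletion.'); ?></p>
@@ -293,5 +293,5 @@
     <label class="hidden" for="user-search-input"><?php _e( 'Search Users' ); ?>:</label>
     <input type="text" id="user-search-input" name="usersearch" value="<?php echo attr($wp_user_search->search_term); ?>" />
-    <input type="submit" value="<?php _e( 'Search Users' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Users' ); ?>" class="button" />
 </p>
 </form>
@@ -309,7 +309,7 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 <label class="hidden" for="new_role"><?php _e('Change role to&hellip;') ?></label><select name="new_role" id="new_role"><option value=''><?php _e('Change role to&hellip;') ?></option><?php wp_dropdown_roles(); ?></select>
-<input type="submit" value="<?php _e('Change'); ?>" name="changeit" class="button-secondary" />
+<input type="submit" value="<?php _ea('Change'); ?>" name="changeit" class="button-secondary" />
 <?php wp_nonce_field('bulk-users'); ?>
 </div>
@@ -375,5 +375,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 </div>
 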
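Review bot: Lines 152 and 160 escape the numeric ID in the attribute but still interpolate `$user->user_login` and `$login->user_login` raw into the list-item and `<option>` text, and line 150 prints the login the same way. Unless logins are guaranteed markup-free where they are stored, which is not visible here, escape them for HTML text: `sprintf(__('ID #%1s: %2s'), $id, wp_specialchars($user->user_login))` and `wp_specialchars($login->user_login)`. Both loops begin outside the hunks shown.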
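--- a/trunk/wp-admin/widgets.php
+++ b/trunk/wp-admin/widgets.php
@@ -263,5 +263,5 @@
         <table class="widefat"><thead><tr><th><?php _e('Sidebar'); ?></th><th><?php _e('Position'); ?></th></tr></thead><tbody>
 <?php   foreach ( $wp_registered_sidebars as $sbname => $sbvalue ) {
-            echo "\t\t<tr><td><label><input type='radio' name='insidebar' value='$sbname'" . checked( $sbname, $sidebar, false ) . " /> $sbvalue[name]</label></td><td>";
+            echo "\t\t<tr><td><label><input type='radio' name='insidebar' value='" . attr($sbname) . "'" . checked( $sbname, $sidebar, false ) . " /> $sbvalue[name]</label></td><td>";
             if ( 'wp_inactive_widgets' == $sbname ) {
                 echo '&nbsp;';
@@ -293,10 +293,10 @@
         <a href="widgets.php" class="button alignleft"><?php _e('Cancel'); ?></a>
 <?php   } else { ?>
-        <input type="submit" name="removewidget" class="button alignleft" value="<?php _e('Remove'); ?>" />
+        <input type="submit" name="removewidget" class="button alignleft" value="<?php _ea('Remove'); ?>" />
 <?php   } ?>
-        <input type="submit" name="savewidget" class="button-primary alignright" value="<?php _e('Save Widget'); ?>" />
-        <input type="hidden" name="widget-id" class="widget-id" value="<?php echo $widget_id; ?>" />
-        <input type="hidden" name="id_base" class="id_base" value="<?php echo $id_base; ?>" />
-        <input type="hidden" name="multi_number" class="multi_number" value="<?php echo $multi_number; ?>" />
+        <input type="submit" name="savewidget" class="button-primary alignright" value="<?php _ea('Save Widget'); ?>" />
+        <input type="hidden" name="widget-id" class="widget-id" value="<?php echo attr($widget_id); ?>" />
+        <input type="hidden" name="id_base" class="id_base" value="<?php echo attr($id_base); ?>" />
+        <input type="hidden" name="multi_number" class="multi_number" value="<?php echo attr($multi_number); ?>" />
 <?php   wp_nonce_field("save-delete-widget-$widget_id"); ?>
         </div>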